| dcashman | 2e00e63 | 2016-10-12 14:58:09 -0700 | [diff] [blame] | 1 | # TODO: deal with tmpfs_domain pub/priv split properly |
| 2 | # Read system properties managed by zygote. | ||||
| 3 | allow appdomain zygote_tmpfs:file read; | ||||
| Nathan Harold | ee26864 | 2017-12-14 18:20:30 -0800 | [diff] [blame] | 4 | |
| 5 | neverallow appdomain system_server:udp_socket { | ||||
| Nathan Harold | 252b015 | 2018-03-27 06:34:54 -0700 | [diff] [blame] | 6 | accept append bind create ioctl listen lock name_bind |
| 7 | relabelfrom relabelto setattr shutdown }; | ||||