Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 50e37b93ac97631dcac6961285b92af5026557af / . / debuggerd.te
blob: 131c56c529c4e2c277452fdc048efcacf019f49b [file] [log] [blame]
Stephen Smalley2dd4e512012-01-04 12:33:27 -0500[diff] [blame]1# debugger interface
2type debuggerd, domain;
repo sync50e37b92013-05-14 21:02:55 -0700[diff] [blame^]3permissive debuggerd;
Stephen Smalley2dd4e512012-01-04 12:33:27 -0500[diff] [blame]4type debuggerd_exec, exec_type, file_type;
5
6init_daemon_domain(debuggerd)
7typeattribute debuggerd mlstrustedsubject;
Stephen Smalley5f9917c2012-07-31 09:15:46 -0400[diff] [blame]8allow debuggerd self:capability { dac_override sys_ptrace chown kill fowner };
rpcraigabd977a2012-08-10 06:25:52 -0400[diff] [blame]9allow debuggerd self:capability2 { syslog };
Stephen Smalley2dd4e512012-01-04 12:33:27 -0500[diff] [blame]10allow debuggerd domain:dir r_dir_perms;
11allow debuggerd domain:file r_file_perms;
12allow debuggerd domain:process ptrace;
William Roberts7bb2a552013-04-04 13:17:36 -0700[diff] [blame]13security_access_policy(debuggerd)
Stephen Smalley5f9917c2012-07-31 09:15:46 -0400[diff] [blame]14allow debuggerd system_data_file:dir create_dir_perms;
15allow debuggerd system_data_file:dir relabelfrom;
16allow debuggerd tombstone_data_file:dir relabelto;
Stephen Smalley2dd4e512012-01-04 12:33:27 -0500[diff] [blame]17allow debuggerd tombstone_data_file:dir create_dir_perms;
18allow debuggerd tombstone_data_file:file create_file_perms;
19allow debuggerd domain:process { sigstop signal };
20allow debuggerd exec_type:file r_file_perms;