Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / f70fcbd8789c381357f464863f613e16585fe864
  1. f70fcbd Merge "sepolicy: remove block_device access from install_recovery" by Nick Kralevich · 11 years ago
  2. f5e7162 sepolicy: remove block_device access from install_recovery by Stephen Smalley · 11 years ago
  3. b487661 Merge "bootchart: add policy rules for bootchart" by Nick Kralevich · 11 years ago
  4. 884ee2a checkseapp, seapp_contexts: drop sebool= support. by Stephen Smalley · 11 years ago
  5. 534fb07 checkseapp: Detect duplicate keys in seapp_contexts entries. by Stephen Smalley · 11 years ago
  6. c6a0feb Merge "checkseapp: Detect duplicate entries within seapp_contexts." by Nick Kralevich · 11 years ago
  7. 74ddf30 neverallow mounton lnk_file fifo_file sock_file by Nick Kralevich · 11 years ago
  8. 68a8f78 sepolicy: Add an introduction to the README. by Stephen Smalley · 11 years ago
  9. cc38e6d bootchart: add policy rules for bootchart by Yongqin Liu · 11 years ago
  10. 7d1b6c8 sepolicy: allow cross-user unnamed pipe access by Stephen Smalley · 11 years ago
  11. 47cd53a Allow ueventd to set verity.* properties by Sami Tolvanen · 11 years ago
  12. 0b82004 checkseapp: Detect duplicate entries within seapp_contexts. by Stephen Smalley · 11 years ago
  13. 41d961a Allow bluetooth surfaceflinger access. by dcashman · 11 years ago
  14. 9ad26a7 fix user builds. by Nick Kralevich · 11 years ago
  15. 3c985dd Merge "domain.te: neverallow System V IPC classes" by Nick Kralevich · 11 years ago
  16. 14d5619 domain.te: neverallow System V IPC classes by Nick Kralevich · 11 years ago
  17. 895a4f2 Allow bluetooth mediaserver_service access. by dcashman · 11 years ago
  18. b8ef2b0 fix "Unable to add user's profile photo id." by Nick Kralevich · 11 years ago
  19. 509186d Allow fsck to search /dev/block. by Stephen Smalley · 11 years ago
  20. f6cc34e fsck: remove permissive_or_unconfined() by Stephen Smalley · 11 years ago
  21. 0e30164 Allow bluetooth access to keystore service. by dcashman · 11 years ago
  22. fcd8691 allow init fs_type:dir search by Nick Kralevich · 11 years ago
  23. b00a037 No one needs LD_PRELOAD from init any more. by Elliott Hughes · 11 years ago
  24. 616c787 Remove service_manager_type auditing of shell source domain. by dcashman · 11 years ago
  25. 74df7f5 don't allow mounting on top of /system files/directories by Nick Kralevich · 11 years ago
  26. 5ec38c4 Dumpstate runs the same from shell as service. by Christopher Ferris · 11 years ago
  27. bba1838 Allow radio access to drmserver_service. by dcashman · 11 years ago
  28. 3c77d4d Add compile time checks for /data/dalvik-cache access by Nick Kralevich · 11 years ago
  29. 361cdaf system_server: neverallow dex2oat exec by Nick Kralevich · 11 years ago
  30. db1320f Add security policy for ProcessInfoService. by Ruben Brunk · 11 years ago
  31. d31936f appdomain: relax netlink_socket neverallow rule by Nick Kralevich · 11 years ago
  32. bfe4c8b radio.te: make radio mlstrustedsubject by Nick Kralevich · 11 years ago
  33. 5fef2de Allow shell to find all services. by dcashman · 11 years ago
  34. 0f0324c domain.te: allow /proc/net/psched access by Nick Kralevich · 11 years ago
  35. 99b4052 Allow system_app to access /data/data link files by Sharif Inamdar · 11 years ago
  36. 9dc5956 Merge "Revert "isolated_app: Do not allow access to the gpu_device."" by Nick Kralevich · 11 years ago
  37. c21e9cc Merge "Allow debuggerd to redirect requests." by Christopher Ferris · 11 years ago
  38. 2ada7f3 Revert "isolated_app: Do not allow access to the gpu_device." by Nick Kralevich · 11 years ago
  39. b51c4dd Allow debuggerd to redirect requests. by Christopher Ferris · 11 years ago
  40. 566e8fe Record service accesses. by dcashman · 11 years ago
  41. 7d1deec Record surfaceflinger power_service access. by dcashman · 11 years ago
  42. d320525 Merge "Allow shell to read /proc." by dcashman · 11 years ago
  43. 25fef2e Allow shell to read /proc. by dcashman · 11 years ago
  44. 33bf053 Rules to let netd read packets from NFLOG target. by Jeff Sharkey · 11 years ago
  45. 0d16b5a Merge "Remove known system_server service accesses from auditing." by dcashman · 11 years ago
  46. c631ede Remove known system_server service accesses from auditing. by dcashman · 11 years ago
  47. 7818711 Allow nfc nfc and radio service access. by dcashman · 11 years ago
  48. 99940d1 remove /proc/net read access from domain.te by Nick Kralevich · 11 years ago
  49. 4a89cdf Make system_server_service an attribute. by dcashman · 11 years ago
  50. 34d32ea selinux: add pstore by Mark Salyzyn · 11 years ago
  51. 3b0988c Merge "Adjust sepolicy-analyze to reflect libsepol changes." by dcashman · 11 years ago
  52. b5ffbb7 restore shared_relro functionality by Nick Kralevich · 11 years ago
  53. 2c6ef5f Merge "su.te: suppress service_manager related denials." by Nick Kralevich · 11 years ago
  54. 4045753 Allow system_app to locate mediaserver_service. by dcashman · 11 years ago
  55. bf254b4 su.te: suppress service_manager related denials. by Nick Kralevich · 11 years ago
  56. 4fc3780 Merge "init.te: remove unactionable auditallow statements" by Nick Kralevich · 11 years ago
  57. 30707a4 init.te: remove unactionable auditallow statements by Nick Kralevich · 11 years ago
  58. eb4e2ab uncrypt: fix OTAs by Nick Kralevich · 11 years ago
  59. 6ae8291 Merge "bluetooth: allow sending bugreports via bluetooth" by Nick Kralevich · 11 years ago
  60. 2247704 Merge "init: allow rootfs symlink removal" by Nick Kralevich · 11 years ago
  61. 0780f30 Allow dumpstate and shell to list services. by dcashman · 11 years ago
  62. 8809341 init: allow rootfs symlink removal by Nick Kralevich · 11 years ago
  63. 39c339a Merge "Allow find access to drmserver_service from nfc and platform_app." by dcashman · 11 years ago
  64. b21071e Merge "toolbox: remove permissive_or_unconfined()" by Nick Kralevich · 11 years ago
  65. 97d8194 Merge "allow toolbox block_device:dir search" by Nick Kralevich · 11 years ago
  66. 3fbeb18 Allow find access to drmserver_service from nfc and platform_app. by dcashman · 11 years ago
  67. bfa2baa Merge "Allow shell domain to use system_server_service." by dcashman · 11 years ago
  68. 0de2b45 Adjust sepolicy-analyze to reflect libsepol changes. by dcashman · 11 years ago
  69. 403d8fe Allow shell domain to use system_server_service. by dcashman · 11 years ago
  70. 754f5ea Allow overiding FORCE_PERMISSIVE_TO_UNCONFINED by William Roberts · 11 years ago
  71. db5242a toolbox: remove permissive_or_unconfined() by Nick Kralevich · 11 years ago
  72. 0bc6c80 allow toolbox block_device:dir search by Nick Kralevich · 11 years ago
  73. 9819a6c bluetooth: allow sending bugreports via bluetooth by Nick Kralevich · 11 years ago
  74. d94b78c toolbox: android_fork_execvp_ext() requires getattr ioctl by Nick Kralevich · 11 years ago
  75. 5432e7c Merge "toybox and toolbox should be considered equivalent." by Elliott Hughes · 11 years ago
  76. 367ef96 toybox and toolbox should be considered equivalent. by Elliott Hughes · 11 years ago
  77. cd82557 Restrict service_manager find and list access. by dcashman · 11 years ago
  78. b7d0ae3 Merge "sepolicy: allow system apps to access ASEC" by Nick Kralevich · 11 years ago
  79. c06ed8f sepolicy: allow system apps to access ASEC by Pawit Pornkitprasan · 11 years ago
  80. 2c75918 Allow fcntl F_SETLK on sockets. by Stephen Smalley · 11 years ago
  81. fc6214b add permissions for adb shell to create symlinks in /data/local/tmp by Brian Carlstrom · 11 years ago
  82. 10ecd05 Add neverallow rule for set_context_mgr. by dcashman · 11 years ago
  83. 6322a32 Revert " Add neverallow rule for set_context_mgr." by dcashman · 11 years ago
  84. 76f3fe3 Add neverallow rule for set_context_mgr. by dcashman · 11 years ago
  85. 0be02b3 Merge "Fix sepolicy-analyze build with different toolchains" by Daniel Cashman · 11 years ago
  86. 7d71516 Do not allow isolated_app to directly open app data files. by Stephen Smalley · 11 years ago
  87. 47c1461 Fix sepolicy-analyze build with different toolchains by William Roberts · 11 years ago
  88. 6963655 Remove entropy from service_contexts. by dcashman · 11 years ago
  89. c48971f allow system_server to set ro.build.fingerprint by Nick Kralevich · 11 years ago
  90. f330f37 Remove network shell script by William Roberts · 11 years ago
  91. 9ab0194 App: add permissions to read symlinks from dalvik cache. by Jeff Hao · 11 years ago
  92. f19cca3 Merge "allow run-as to access /data/local/tmp" by Nick Kralevich · 11 years ago
  93. 1c16abd Allow init to chown/chmod character devices. by Stephen Smalley · 11 years ago
  94. dd8571a allow run-as to access /data/local/tmp by Nick Kralevich · 11 years ago
  95. 1795b66 Allow recovery to create device nodes and modify rootfs by Nick Kralevich · 11 years ago
  96. ee58864 Revert "DO NOT MERGE: Flip FORCE_PERMISSIVE_TO_UNCONFINED to true" by Stephen Smalley · 11 years ago
  97. 39f92a8 am f7e98fe2: Merge "recovery.te: add /data neverallow rules" by Nick Kralevich · 11 years ago
  98. 57df711 am 35a4ed80: Add wpa neverallow rule by Nick Kralevich · 11 years ago
  99. f7e98fe Merge "recovery.te: add /data neverallow rules" by Nick Kralevich · 11 years ago
  100. 35a4ed8 Add wpa neverallow rule by Nick Kralevich · 11 years ago