Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / refs/heads/android-15 / private / system_app.te
  1. ef74264 system_app.te: Allow System app to read /system_dlkm by Ramji Jiyani · 11 months ago
  2. 12cefa5 system_app.te: Update obsolete comment about cgroups by T.J. Mercier · 12 months ago
  3. c8ac777 system_app.te: fix misleading comment by Nick Kralevich · 1 year, 3 months ago
  4. b071882 Allow system app and update_engine to read OTA from /vendor by Pawan Wagh · 1 year, 4 months ago
  5. 015429c Remove the usage of the pm.archiving.enabled system property by Song Chun Fan · 1 year, 5 months ago
  6. e972e93 Revert^2 "Add pm.archiving.enabled system property" by Inseob Kim · 1 year, 5 months ago
  7. 840041d Revert "Add pm.archiving.enabled system property" by Song Chun Fan · 1 year, 5 months ago
  8. 22dd5d7 Allow system apps to read and write /data/misc/connectivityblobdb/ by Gabriel Biren · 1 year, 6 months ago
  9. 25b1829 Merge "Allow binder calls from system app to update engine" into main by Pawan Wagh · 1 year, 8 months ago
  10. c35c8af Allow binder calls from system app to update engine by Pawan Wagh · 2 years ago
  11. da5a09b Add neverallow rule for force l3 prop by Kyle Zhang · 1 year, 8 months ago
  12. 3482040 Merge "SEPolicy: Add game sysprop read access for system_app" into main by Andy Yu · 1 year, 9 months ago
  13. 43c7ab0 SEPolicy: Add game sysprop read access for system_app by Andy Yu · 1 year, 9 months ago
  14. 32ab868 Add pm.archiving.enabled system property by Andrea Zilio · 1 year, 9 months ago
  15. bdc7214 Ignore access to /proc/pagetypeinfo for Settings by Thiébaud Weksteen · 1 year, 10 months ago
  16. 12c42b5 Add system property persist.drm.forcel3.enabled by Kyle Zhang · 2 years ago
  17. cc5cb43 Stop granting permissions on keystore_key class by Eric Biggers · 1 year, 11 months ago
  18. 60cc0b3 Adding ro.product.build.16k_page.enabled to property contexts by Pawan Wagh · 2 years ago
  19. 941ba72 sepolicy: rework perfetto producer/profiler rules for "user" builds by Ryan Savitski · 2 years, 7 months ago
  20. a12d310 Add selinux permissions for ro.usb.uvc.enabled by Avichal Rakesh · 2 years, 8 months ago
  21. ad2f883 Add adaptive haptics restricted system property by Chris Paulo · 2 years, 10 months ago
  22. 8fa264d Revert "Limit processes that can change settings sysprops" by Neil Fuller · 3 years ago
  23. c598069 Limit processes that can change settings sysprops by Neil Fuller · 3 years ago
  24. 0c4d8ff Reduce use of exported_system_prop by Neil Fuller · 3 years ago
  25. babba5e Revert system app/process profileability on user builds by Ryan Savitski · 3 years, 2 months ago
  26. 9b12638 Merge "Ignore access from system_app to sysfs_zram" by Thiébaud Weksteen · 3 years, 4 months ago
  27. bcc7cc1 Ignore access from system_app to sysfs_zram by Thiébaud Weksteen · 3 years, 4 months ago
  28. b07c12c Iorapd and friends have been removed by Jeff Vander Stoep · 3 years, 4 months ago
  29. 6111f0c allow system_app domain to be profiled by Ryan Savitski · 3 years, 5 months ago
  30. be3ff9b Grant system_app permission to access cgroup_v2 directories by Bart Van Assche · 3 years, 7 months ago
  31. 70b0a77 Add sepolicy for mdns service by paulhu · 3 years, 9 months ago
  32. 39f29f7 [MTE] Allow system_app to write memtag property. by Florian Mayer · 3 years, 9 months ago
  33. 078141a Add rule for new gesture_prop. by Super Liu · 3 years, 9 months ago
  34. df28371 Remove vrflinger by Ady Abraham · 3 years, 11 months ago
  35. a60d7f2 Ensure that only desired processes can access TracingServiceProxy by Carmen Jackson · 4 years, 3 months ago
  36. d6ff0c7 sepolicy: add perfetto_producer for platform_app and system_app by Lalit Maganti · 4 years, 3 months ago
  37. b61bcc8 Allow appdomain sepolicy search access to /mnt/media_rw by Zim · 4 years, 5 months ago
  38. b488a8f Keystore 2.0: Remove keystore2.enable property. by Janis Danisevskis · 4 years, 6 months ago
  39. aa4ce95 sepolicy: rules for uid/pid cgroups v2 hierarchy by Marco Ballesio · 4 years, 7 months ago
  40. 20bc79b Keystore 2.0: Allow system_server to manage wifi keys by Pavel Grafov · 4 years, 7 months ago
  41. df31f20 Keystore 2.0: Add wifi namespace to sepolicy. by Janis Danisevskis · 4 years, 7 months ago
  42. aa8bb3a Revert^3 "sepolicy: rules for uid/pid cgroups v2 hierarchy" by Marco Ballesio · 4 years, 7 months ago
  43. a54bed6 Revert^2 "sepolicy: rules for uid/pid cgroups v2 hierarchy" by Marco Ballesio · 4 years, 7 months ago
  44. 07aee66 system_app: remove adb data loader permissions by Jeff Vander Stoep · 4 years, 9 months ago
  45. 2543715 never allow untrusted apps accessing debugfs_tracing by Adam Shih · 4 years, 9 months ago
  46. 51c04ac Revert "sepolicy: rules for uid/pid cgroups v2 hierarchy" by Jonglin Lee · 4 years, 9 months ago
  47. f46d7a2 sepolicy: rules for uid/pid cgroups v2 hierarchy by Marco Ballesio · 4 years, 10 months ago
  48. 6445f19 Update to support splitted SystemSuspend AIDL interfaces by Michael Sun · 4 years, 10 months ago
  49. 202e863 Add policy for property ro.android.security.keystore2.enable by Janis Danisevskis · 4 years, 11 months ago
  50. 144c822 Move list permission from keystore2_key to keystore class. by Janis Danisevskis · 5 years ago
  51. 96b9d86 Remove exported2_system_prop by Inseob Kim · 5 years ago
  52. abb93f2 Make Keystore equivalent policy for Keystore2 by Janis Danisevskis · 5 years ago
  53. bd397a1 Merge "Make cross-user apps mlstrustedsubject." by Alan Stokes · 5 years ago
  54. 81e4e87 Make cross-user apps mlstrustedsubject. by Alan Stokes · 6 years ago
  55. c80b024 Relabel various exported3_default_prop by Inseob Kim · 5 years ago
  56. dc1e501 Rename system_radio_prop by Inseob Kim · 5 years ago
  57. 3db5a31 sepolicy: clean up redundant rules around gpuservice by Yiwei Zhang · 5 years ago
  58. 7833aa4 Allow developer settings to query gsid status by Howard Chen · 5 years ago
  59. e2fb8aa Merge "Allow system_app to interact with Dumpstate HAL" by Rambo Wang · 6 years ago
  60. 8950e7a Allow system_app to interact with Dumpstate HAL by Rambo Wang · 6 years ago
  61. 3922253 permissions for incremental control file by Songchun Fan · 6 years ago
  62. 020e3ab selinux rules for apk files installed with Incremental by Songchun Fan · 6 years ago
  63. a30464c More neverallows for default_android_service. by Steven Moreland · 6 years ago
  64. 6e893ec system_app: neverallow /data/local/tmp access by Nick Kralevich · 6 years ago
  65. 544a9b1 Revert "Revert "Allow rule to let settings access apex files"" by Andrew Sapperstein · 6 years ago
  66. e47d236 Revert "Allow rule to let settings access apex files" by Cosmo Hsieh · 6 years ago
  67. 0c0ba46 Allow rule to let settings access apex files by Todd Kennedy · 6 years ago
  68. 565384d Sepolicy: add dynamic_system_prop by Hung-ying Tyan · 6 years ago
  69. e2876a3 revert ipmemorystore selinux policy. by Xiao Ma · 6 years ago
  70. 18ade86 Add rules for lpdump and lpdumpd by Yifan Hong · 6 years ago
  71. e55a74b Add rules for accessing the related bluetooth_audio_hal_prop by Cheney Ni · 6 years ago
  72. 131fa73 Restrict access to suspend control by Tri Vo · 7 years ago
  73. 524f25e Add sepolicy for resolver service by Luke Huang · 7 years ago
  74. 544d6b3 Game Driver: sepolicy update for plumbing GpuStats into GpuService by Yiwei Zhang · 7 years ago
  75. fb15c9f Add sepolicy for IpMemoryStoreService by Chalard Jean · 7 years ago
  76. 2e25146 remove system_app proc_net_type access by Nick Kralevich · 7 years ago
  77. f55c989 Constrain cgroups access. by Tri Vo · 7 years ago
  78. cacea25 Revert "Constrain cgroups access." by Nick Kralevich · 7 years ago
  79. 9899568 Constrain cgroups access. by Tri Vo · 7 years ago
  80. 72a88b1 iorapd: Add new binder service iorapd. by Igor Murashkin · 7 years ago
  81. ac097ac Add policy for apexd. by Martijn Coenen · 7 years ago
  82. 6026a4a app: Allow all apps to read dropbox FDs by Jeff Vander Stoep · 7 years ago
  83. 7a4af30 Start the process of locking down proc/net by Jeff Vander Stoep · 7 years ago
  84. 4d3ee1a Protect dropbox service data with selinux by Jeff Vander Stoep · 7 years ago
  85. 224921d Whitelist vendor-init-settable bluetooth_prop and wifi_prop by Jaekyun Seok · 7 years ago
  86. 252b015 Allow getsockopt and setsockopt for Encap Sockets by Nathan Harold · 7 years ago
  87. 022ab0e Statsd allow shell in selinux policy by Bookatz · 8 years ago
  88. 06d7dca Remove proc and sysfs access from system_app and platform_app. by Tri Vo · 8 years ago
  89. 118e496 Allow system apps to read log props. by Pavel Grafov · 8 years ago
  90. ee26864 Allow More Apps to Recv UDP Sockets from SystemServer by Nathan Harold · 8 years ago
  91. e497145 Whitelist exported platform properties by Jaekyun Seok · 8 years ago
  92. 2d32d81 system_app: suppress denials for disallowed services by Jeff Vander Stoep · 8 years ago
  93. c975bd9 Allow system settings to read /proc/version by Jeff Vander Stoep · 8 years ago
  94. 91d398d Sync internal master and AOSP sepolicy. by Dan Cashman · 8 years ago
  95. d22cbc8 Merge "domain_deprecated is dead" am: f1b06df3d6 by Jeff Vander Stoep · 8 years ago
  96. b5da252 domain_deprecated is dead by Jeff Vander Stoep · 8 years ago
  97. ad95219 domain_deprecated: remove proc access am: c15d54ef1a by Jeff Vander Stoep · 8 years ago
  98. c15d54e domain_deprecated: remove proc access by Jeff Vander Stoep · 8 years ago
  99. 7297ea2 domain_deprecated: remove rootfs access am: a12aad45b6 by Jeff Vander Stoep · 8 years ago
  100. a12aad4 domain_deprecated: remove rootfs access by Jeff Vander Stoep · 8 years ago