Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / refs/heads/android-15 / public / app.te
  1. 09b27c7 Add "DO NOT ADD statements" comments to public by Inseob Kim · 1 year, 5 months ago
  2. 75806ef Minimize public policy by Inseob Kim · 1 year, 5 months ago
  3. cf2694b Allow isolated to read staged apks by Marie Matheson · 1 year, 9 months ago
  4. 9c2a5cf strengthen system_file neverallows by Steven Moreland · 2 years, 4 months ago
  5. e092924 Add selinux permissions for DeviceAsWebcam Service by Avichal Rakesh · 2 years, 8 months ago
  6. 080c579 Move get_prop rules from public/app.te to private/app.te by Sandro · 2 years, 10 months ago
  7. ab02397 Fix system server and network stack netlink permissions by Patrick Rohr · 3 years, 4 months ago
  8. 874dd08 Allow system_app to access radio_config system properties by Gary Jian · 3 years, 6 months ago
  9. 269e7cf Move allow rules from public/app.te to private/app.te by Nikita Ioffe · 3 years, 8 months ago
  10. cb83d70 Merge "Add persist.nfc property" by Treehugger Robot · 4 years, 2 months ago
  11. 9ec5327 Add fusefs_type for FUSE filesystems by Thiébaud Weksteen · 4 years, 3 months ago
  12. 79f1fc1 Merge "sepolicy: Allow to receive FDs from app_zygote" by Treehugger Robot · 4 years, 3 months ago
  13. 5908c35 Add camera2 extension property policies by Diego Wilson · 4 years, 3 months ago
  14. c45bcd3 sepolicy: Allow to receive FDs from app_zygote by Egor Pasko · 4 years, 3 months ago
  15. ff7ba7e make system_app_data_file shareable over binder by Adam Shih · 4 years, 3 months ago
  16. 4412ba4 Add persist.nfc property by Jack Yu · 4 years, 3 months ago
  17. a974640 Define vendor side property "ro.camerax.extensions.enabled" by Emilian Peev · 4 years, 10 months ago
  18. ac4a6e7 Keystore 2.0: Allow apps to get the Keystore state. by Janis Danisevskis · 4 years, 6 months ago
  19. 01a9e4d Merge "Allow third-party apps to access tuner hal fd" by Treehugger Robot · 4 years, 7 months ago
  20. db13ae7 Allow third-party apps to access tuner hal fd by Amy Zhang · 4 years, 7 months ago
  21. 84cd708 Add vendor_public_framework_file type to SEPolicy by Dorin Drimus · 4 years, 8 months ago
  22. 74b129b Merge "Permissions for odrefresh and /data/misc/apexdata/com.android.art" by Orion Hodson · 4 years, 8 months ago
  23. 8f75f76 Permissions for odrefresh and /data/misc/apexdata/com.android.art by Orion Hodson · 5 years ago
  24. c68de66 Allow codec2 to allocate from system-secure heap by Hridya Valsaraju · 4 years, 8 months ago
  25. 7aa4041 Split user_profile_data_file label. by Alan Stokes · 4 years, 9 months ago
  26. a3c0b3f system_app: remove unnecessary changes to neverallow by Songchun Fan · 4 years, 9 months ago
  27. 144c822 Move list permission from keystore2_key to keystore class. by Janis Danisevskis · 5 years ago
  28. a0e1be0 Add permissions required for new DMA-BUF heap allocator by Hridya Valsaraju · 5 years ago
  29. abb93f2 Make Keystore equivalent policy for Keystore2 by Janis Danisevskis · 5 years ago
  30. b0d74a1 Update sepolicy to use inclusive language by Joel Galenson · 5 years ago
  31. 81e4e87 Make cross-user apps mlstrustedsubject. by Alan Stokes · 6 years ago
  32. afede84 Add sdcardfs variable to storage_config_props by Daniel Rosenberg · 5 years ago
  33. c3917f0 Merge "Add external_storage properties." by Martijn Coenen · 5 years ago
  34. 01234d3 Add external_storage properties. by Martijn Coenen · 5 years ago
  35. f3adf2e sepolicy: allow app to access gpuservice by Yiwei Zhang · 5 years ago
  36. 9752155 Allow apps to use mmap on fuse fds. by Sudheer Shanka · 6 years ago
  37. 789ebf0 app: allow PROT_EXEC on ashmem objects by Jeff Vander Stoep · 6 years ago
  38. 02bf814 Add SELinux policy for credstore and update for IC HAL port from HIDL to AIDL. by David Zeuthen · 6 years ago
  39. 020e3ab selinux rules for apk files installed with Incremental by Songchun Fan · 6 years ago
  40. 5fb053e Revert "Grant appdomain access to app_api_service" by Adam Shih · 6 years ago
  41. d5a0edd Grant appdomain access to app_api_service by Adam Shih · 6 years ago
  42. d804a76 Revert "sepolicy: Permission changes for new wifi mainline module" by Roshan Pius · 6 years ago
  43. a483b5d Revert "wifi_stack: Move to network_stack process" by Roshan Pius · 6 years ago
  44. e063585 Add permission for NetworkStack updatability by Chiachang Wang · 6 years ago
  45. 1086c7d wifi_stack: Move to network_stack process by Roshan Pius · 6 years ago
  46. bfcddbe sepolicy: remove ashmemd by Tri Vo · 6 years ago
  47. 3aa1c17 sepolicy: Permission changes for new wifi mainline module by Roshan Pius · 6 years ago
  48. 46303aa Sepolicy for IAshmem HIDL interface by Kalesh Singh · 6 years ago
  49. a0f998e Allow bootstrap bionic only to init, ueventd, and apexd by Jiyong Park · 6 years ago
  50. e55a74b Add rules for accessing the related bluetooth_audio_hal_prop by Cheney Ni · 6 years ago
  51. 73d0a67 sepolicy for ashmemd by Tri Vo · 7 years ago
  52. 9f5d0d9 Initial selinux policy support for memfd by Jeff Vander Stoep · 7 years ago
  53. 87e9123 disallow priv-apps from following untrusted app symlinks. by Nick Kralevich · 7 years ago
  54. d8bec4a app: remove redundant neverallow rule by Jeff Vander Stoep · 7 years ago
  55. 5f3ba92 sepolicy changes for network stack app by Remi NGUYEN VAN · 7 years ago
  56. aeca04b Allow to signal perfetto from shell. by Florian Mayer · 7 years ago
  57. 1e5021c Move some rules around by Nick Kralevich · 7 years ago
  58. 535c5d2 Remove 'dex2oat_exec' from untrusted_app by David Brazdil · 7 years ago
  59. 3b2df19 allow apps tun_device ioctl TUNGETIFF; by Nick Kralevich · 7 years ago
  60. 0c1848b SELinux changes for AppFuse by Risan · 7 years ago
  61. 619c1ef tun_device: enforce ioctl restrictions by Nick Kralevich · 7 years ago
  62. c4cf986 Revert "SELinux changes for AppFuse" by Nick Kralevich · 7 years ago
  63. 67ed432 SELinux changes for AppFuse by Risan · 7 years ago
  64. 90cf5a7 same_process_hal_file: access to individual coredomains by Tri Vo · 7 years ago
  65. f55c989 Constrain cgroups access. by Tri Vo · 7 years ago
  66. cacea25 Revert "Constrain cgroups access." by Nick Kralevich · 7 years ago
  67. 9899568 Constrain cgroups access. by Tri Vo · 7 years ago
  68. 4245177 Remove access to /proc/net/{tcp,udp} by Jeff Vander Stoep · 7 years ago
  69. 6026a4a app: Allow all apps to read dropbox FDs by Jeff Vander Stoep · 7 years ago
  70. 275ea12 llkd: Add stack symbol checking by Mark Salyzyn · 7 years ago
  71. 21bd2ae Allow all app types to socket send to statsdw (statsd socket) by Howard Ro · 7 years ago
  72. bedfb22 more mmaps by Nick Kralevich · 7 years ago
  73. 41b21ee Delete untrusted_v2_app by Nick Kralevich · 7 years ago
  74. 8b2c858 Allow ephemeral_app to execute system_file. by Joel Galenson · 7 years ago
  75. 23c9d91 Start partitioning off privapp_data_file from app_data_file by Nick Kralevich · 7 years ago
  76. 84a42ea Protect apps from ptrace by other system components by Nick Kralevich · 7 years ago
  77. f95bf19 app: exempt su from auditallow statement by Jeff Vander Stoep · 7 years ago
  78. 8fc7981 Find hal_foo_hwservice -> you are hal_foo_client. by Steven Moreland · 7 years ago
  79. 7baf725 mediacodec->mediacodec+hal_omx{,_server,_client} by Steven Moreland · 7 years ago
  80. 19a74ec Put in sepolicies for Codec2.0 services by Pawin Vongmasa · 7 years ago
  81. 7a4af30 Start the process of locking down proc/net by Jeff Vander Stoep · 7 years ago
  82. 29497b6 SELinux type for vendor public libs. by Tri Vo · 7 years ago
  83. c20ba5b app: removed unused /dev/ion write permissions by Jeff Vander Stoep · 7 years ago
  84. 000cafc Add exFAT support; unify behind "sdcard_type". by Jeff Sharkey · 7 years ago
  85. 224921d Whitelist vendor-init-settable bluetooth_prop and wifi_prop by Jaekyun Seok · 7 years ago
  86. f3220aa Remove direct qtaguid access from platform/system apps by Jeff Vander Stoep · 7 years ago
  87. 9d28625 shell: move shell qtaguid perms to shell.te by Jeff Vander Stoep · 7 years ago
  88. 985db6d Allowing incidentd to get stack traces from processes. by Kweku Adams · 7 years ago
  89. bdf2a9c Rename qtaguid_proc to conform to name conventions by Jeff Vander Stoep · 7 years ago
  90. c411ff7 Block SDK 28 app from using proc/net/xt_qtaguid by Chenbo Feng · 8 years ago
  91. 8f568af Revert "Remove app access to qtaguid ctrl/stats file" by Chenbo Feng · 8 years ago
  92. fad0b04 Remove app access to qtaguid ctrl/stats file by Chenbo Feng · 8 years ago
  93. dfe063c sepolicy: restrict access to uid_cpupower files by Marissa Wall · 8 years ago
  94. 43303c8 relabel files in /proc/net/xt_qtaguid/ by Jeff Vander Stoep · 8 years ago
  95. 77b290f app: move appdomain to public policy by Jeff Vander Stoep · 8 years ago
  96. 8429a33 Move appdomain policy to private by Alex Klyubin · 9 years ago
  97. 3d348fd Allow ephemeral apps to read/write external storage by Chad Brubaker · 9 years ago
  98. 5c566d1 Move ephemeral_app to appdomain by Chad Brubaker · 9 years ago
  99. cb3eb4e Introduce crash_dump debugging helper. by Josh Gao · 9 years ago
  100. 7ae1d23 Don't open appfuse files in apps. by Daichi Hirono · 9 years ago