Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / refs/heads/android-15 / public / zygote.te
  1. 09b27c7 Add "DO NOT ADD statements" comments to public by Inseob Kim · 1 year, 5 months ago
  2. 41a2abf Properly Treble-ize tmpfs access by Jeff Vander Stoep · 7 years ago
  3. 5e37271 Introduce system_file_type by Nick Kralevich · 7 years ago
  4. 966efed Move zygote policy to private by Alex Klyubin · 9 years ago
  5. d5b6043 more ephemeral_app cleanup by Nick Kralevich · 9 years ago
  6. 6e4508e Restrict access to Bluetooth system properties by Alex Klyubin · 9 years ago
  7. 96385a7 zygote: drop braces on single item rule by William Roberts · 9 years ago
  8. 84db84e Use with_dexpreopt macro for zygote execute permissions. by Jorge Lucangeli Obes · 9 years ago
  9. 0e1cbf5 Add persist.vendor.overlay. to properties by Jason Monk · 9 years ago
  10. 06cf31e Rename autoplay_app to ephemeral_app by Chad Brubaker · 9 years ago
  11. cc39f63 Split general policy into public and private components. by dcashman · 9 years ago[Renamed (98%) from zygote.te]
  12. 88cef4d Audit access to libart by Jeff Vander Stoep · 9 years ago
  13. a3a0bb4 Sepolicy: Add otapreopt_slot by Andreas Gampe · 9 years ago
  14. 221938c Allow the zygote to stat all files it opens. by Narayan Kamath · 9 years ago
  15. 7ef8073 audit domain_deprecated perms for removal by Jeff Vander Stoep · 9 years ago
  16. bc2f0e5 Merge "sepolicy: Add policy for sdcardfs and configfs" into nyc-dev am: cf8719e by Daniel Rosenberg · 9 years ago
  17. e249da0 Leftovers of SELinux policy reload mechanism am: 1c983327cf by Janis Danisevskis · 9 years ago
  18. 1c98332 Leftovers of SELinux policy reload mechanism by Janis Danisevskis · 9 years ago
  19. 47fb4b9 sepolicy: Add policy for sdcardfs and configfs by Daniel Rosenberg · 10 years ago
  20. 5c5d6cd dex2oat/patchoat: Add rights for A/B OTA by Andreas Gampe · 10 years ago
  21. f4bd8b3 Sepolicy: Give zygote rights needed for A/B OTAs by Andreas Gampe · 10 years ago
  22. 409b38b Merge "zygote: grant perms from domain_deprecated" am: eecaa0b5f9 am: fde8ca5383 by Jeffrey Vander Stoep · 10 years ago
  23. cee6a0e zygote: grant perms from domain_deprecated by Jeff Vander Stoep · 10 years ago
  24. b9b07da Revert "zygote: grant perms from domain_deprecated" by Jeffrey Vander Stoep · 10 years ago
  25. 21eede4 Merge "zygote: grant perms from domain_deprecated" am: 4115beae63 am: 299e1d5a85 by Jeffrey Vander Stoep · 10 years ago
  26. e52fff8 zygote: grant perms from domain_deprecated by Jeff Vander Stoep · 10 years ago
  27. ae72bf2 Populate autoplay_app with minimal set of permissions by Jeff Vander Stoep · 10 years ago
  28. 5c57e7c zygote.te: Remove deprecated rules by Nick Kralevich · 10 years ago
  29. f255d77 Add SElinux rules for /data/misc/trace by Calin Juravle · 10 years ago
  30. d22987b Create attribute for moving perms out of domain by Jeff Vander Stoep · 10 years ago
  31. ab7764b am 7028bdcc: neverallow: domain execute data_file_type by William Roberts · 10 years ago
  32. 7028bdc neverallow: domain execute data_file_type by William Roberts · 10 years ago
  33. 5577127 am 24f3bcdb: Let Zygote unmount inherited storage devices. by Jeff Sharkey · 10 years ago
  34. 24f3bcd Let Zygote unmount inherited storage devices. by Jeff Sharkey · 10 years ago
  35. 025ca79 am 6b75d099: Let\'s reinvent storage, yet again! by Jeff Sharkey · 10 years ago
  36. 6b75d09 Let's reinvent storage, yet again! by Jeff Sharkey · 10 years ago
  37. b335e38 Run idmap in its own domain. by Stephen Smalley · 10 years ago
  38. 3c242ca Ensure that domain and appdomain attributes are assigned. by Stephen Smalley · 10 years ago
  39. 4a12d96 Ensure that domain and appdomain attributes are assigned. by Stephen Smalley · 10 years ago
  40. f063f46 Updated policy for external storage. by Jeff Sharkey · 10 years ago
  41. d5aff06 am f48951a9: am 0ae33a8d: Merge "zygote/dex2oat: Grant additional symlink permissions" by Igor Murashkin · 11 years ago
  42. f48951a am 0ae33a8d: Merge "zygote/dex2oat: Grant additional symlink permissions" by Igor Murashkin · 11 years ago
  43. 83c5612 zygote/dex2oat: Grant additional symlink permissions by Igor Murashkin · 11 years ago
  44. 334e097 Revoke zygote's read permission on keychain data by Robin Lee · 11 years ago
  45. 51bfecf Pull keychain-data policy out of system-data by Robin Lee · 11 years ago
  46. f2c0118 zygote: allow replacing /proc/cpuinfo by Nick Kralevich · 11 years ago
  47. 2de0287 zygote: allow replacing /proc/cpuinfo by Nick Kralevich · 11 years ago
  48. 8ee37b4 reconcile aosp (c103da877b72aae80616dbc192982aaf75dfe888) after branching. Please do not merge. by Ed Heyl · 11 years ago
  49. 75d63fc Put dex2oat in it's own sandbox by Nick Kralevich · 11 years ago
  50. fad4d5f Fix SELinux policies to allow resource overlays. by Nick Kralevich · 11 years ago
  51. 356f4be Restrict requesting contexts other than policy-defined defaults. by Stephen Smalley · 11 years ago
  52. df48bd2 Remove zygote write access to system_data_file. by Stephen Smalley · 11 years ago
  53. 0099148 Audit zygote create/write access to system_data_file. by Stephen Smalley · 11 years ago
  54. 3a06a72 Change zygote sepolicy whitelist. by Narayan Kamath · 11 years ago
  55. a268f48 zygote: clean up unnecessary rules. by Nick Kralevich · 11 years ago
  56. 66f25cb Add auditallow to revaluate b/10498304 by dcashman · 12 years ago
  57. 3bfdc6b Allow stat of /system/bin/app_process by zygote. by Stephen Smalley · 12 years ago
  58. 37afd3f Remove system_server and zygote unlabeled execute access. by Stephen Smalley · 12 years ago
  59. 49c995d Do not allow zygote to execve dalvikcache files. by Stephen Smalley · 12 years ago
  60. 959fdaa Remove unlabeled execute access from domain, add to appdomain. by Stephen Smalley · 12 years ago
  61. a730e50 Don't allow zygote init:binder call by Nick Kralevich · 12 years ago
  62. 268a612 am d1083bf2: am e9c4181b: zygote.te: fix comment. by Nick Kralevich · 12 years ago
  63. cccfa17 am 882d09db: am 199fc73f: Revert "Give Zygote the ability to write app data files." by Nick Kralevich · 12 years ago
  64. e9c4181 zygote.te: fix comment. by Nick Kralevich · 12 years ago
  65. 199fc73 Revert "Give Zygote the ability to write app data files." by Nick Kralevich · 12 years ago
  66. 82140be Follow-up to rename system to system_server. by Alex Klyubin · 12 years ago
  67. d343fd5 am 3d94272a: am 1fdee11d: 1/2: Rename domain "system" to "system_server". by Alex Klyubin · 12 years ago
  68. 1fdee11 1/2: Rename domain "system" to "system_server". by Alex Klyubin · 12 years ago
  69. e42aa03 am b9bbfeb0: Fix bug report notification not showing up. by Alex Klyubin · 12 years ago
  70. b9bbfeb Fix bug report notification not showing up. by Alex Klyubin · 12 years ago
  71. 0e48af3 am d629b87e: Fix bug report notification not showing up. by Nick Kralevich · 12 years ago
  72. d629b87 Fix bug report notification not showing up. by Nick Kralevich · 12 years ago
  73. d615ef3 Fix miscellaneous long-tail denials. by Geremy Condra · 12 years ago
  74. 090645b Give Zygote the ability to write app data files. by Geremy Condra · 12 years ago
  75. fc2bd01 Give Zygote the ability to write app data files. by Geremy Condra · 12 years ago
  76. 8156073 Fix denials encountered while getting bugreports. by Geremy Condra · 12 years ago
  77. e036260 Add capabilities to Zygote to fix valgrind. by Geremy Condra · 12 years ago
  78. aee5a18 Give zygote the ability to execute dalvik cache files. by Geremy Condra · 12 years ago
  79. 6aca515 zygote: enable SELinux restrictions by Nick Kralevich · 12 years ago
  80. 77d4731 Make all domains unconfined. by repo sync · 12 years ago
  81. 50e37b9 Move domains into per-domain permissive mode. by repo sync · 12 years ago
  82. 7bb2a55 Give domains read access to security_file domain. by William Roberts · 12 years ago
  83. 06575ee Add remount capability to Zygote. by Geremy Condra · 12 years ago
  84. 65d4f44 Various policy updates. by Robert Craig · 12 years ago
  85. 8b3b4fe Allow zygote to search tmpfs. by rpcraig · 13 years ago
  86. c195ec3 Split internal and external sdcards by William Roberts · 13 years ago
  87. e468016 zygote requires setpcap in order to drop from its bounding set. by Stephen Smalley · 13 years ago
  88. 61c80d5 Update policy for Android 4.2 / latest master. by Stephen Smalley · 13 years ago
  89. 2dd4e51 SE Android policy. by Stephen Smalley · 14 years ago