Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / refs/heads/android-16 / private / app.te
  1. bc9ccbf Merge tag 'android-16.0.0_r1' of https://android.googlesource.com/platform/system/sepolicy into HEAD by micky387 · 3 months ago
  2. e4adb48 Merge tag 'android-15.0.0_r32' of https://android.googlesource.com/platform/system/sepolicy into HEAD by micky387 · 4 months ago android-15
  3. 967f718 private: hal_widevine_system: support private storage by Armelle Laine · 6 months ago
  4. 4c3f1b6 Give apps read permissions on its own profile directory. by Jiakai Zhang · 6 months ago
  5. 81a860e Don't audit access to proc_net by network_stack - try 2 by Maciej Żenczykowski · 8 months ago
  6. 79ae2b3 Merge tag 'android-15.0.0_r6' of https://android.googlesource.com/platform/system/sepolicy into HEAD by micky387 · 9 months ago
  7. 38deee7 Add keystore2 grant capability to all apps to support key grants by Michael Groover · 11 months ago
  8. a15e9ce Allow apps to access PersistentDataBlockManager by Shawn Willden · 12 months ago
  9. 1b2f74f sepolicy: allow update angine and syslog read by Marko Man · 5 years ago
  10. f04db5b app.te: Delete apk_private_tmp_file neverallow by Nick Kralevich · 12 months ago
  11. d07ee24 Add sepolicy for high quality barometer sysprop by Miranda Huang · 1 year, 1 month ago
  12. 2eff31b Allow isolated to map staged apks by William Luh · 1 year, 2 months ago
  13. 27b515e Add SELinux policy for storage areas by Ellen Arteca · 1 year, 4 months ago
  14. 75806ef Minimize public policy by Inseob Kim · 1 year, 5 months ago
  15. 29e5730 Revert "Restrict SDK sandbox unix_stream_socket connections" by Joseph Murphy · 1 year, 6 months ago
  16. d226ac4 Restrict SDK sandbox unix_stream_socket connections by Sandro Montanari · 1 year, 7 months ago
  17. 19cb4c5 Merge "Allow apps to access PowerHAL for FMQ" into main by Matt Buckley · 1 year, 6 months ago
  18. 52c9b3b Allow apps to access PowerHAL for FMQ by Matt Buckley · 1 year, 6 months ago
  19. 6c689e8 Allow shell and adb to read tombstones by Florian Mayer · 1 year, 7 months ago
  20. 01c4f57 Allow appdomain to read dir and files under vendor_microdroid_file by Seungjae Yoo · 1 year, 7 months ago
  21. b6c262c Revert "Remove implicit access for isolated_app" by Jeffrey Vander Stoep · 1 year, 9 months ago
  22. 6e1795c Allow virtual camera to do binder calls to apps and vice versa. by Jan Sebechlebsky · 1 year, 9 months ago
  23. d7fe10b Stop granting permission to get_state of keystore2 by Eric Biggers · 1 year, 11 months ago
  24. cc5cb43 Stop granting permissions on keystore_key class by Eric Biggers · 1 year, 11 months ago
  25. e07dbe0 Merge Android U (ab/10368041) by Xin Li · 2 years ago
  26. 243e100 Merge "Allow typical app domains to measure fs-verity on data file" into main by Treehugger Robot · 2 years, 1 month ago
  27. d570a5c Make font_fallback.xml unreadable by Seigo Nonaka · 2 years, 2 months ago
  28. fefc956 Allow typical app domains to measure fs-verity on data file by Victor Hsieh · 2 years, 1 month ago
  29. e274770 Merge "persist.sysui.notification.ranking_update_ashmem" am: 49b818497f am: b475d75b4d am: 1ebe668661 by Alexander Roederer · 2 years, 3 months ago
  30. 584a862 persist.sysui.notification.ranking_update_ashmem by Alexander Roederer · 2 years, 3 months ago
  31. 612011b Merge "Relax sepolicy for device_config_runtime_native_*." by Treehugger Robot · 2 years, 4 months ago
  32. 1b6b839 Merge "Allow apps and SDK sandbox to access each others' open FDs" am: bd2efacfb7 am: 0a36e495b1 am: 9fa01cfb93 by Gavin Corkery · 2 years, 4 months ago
  33. d4d3c01 Allow apps and SDK sandbox to access each others' open FDs by Gavin Corkery · 2 years, 4 months ago
  34. d02b20b Create sdk_sandbox_all. am: 2ae45c5766 am: ca1191437b am: 0f6e7f8943 by Mugdha Lakhani · 2 years, 4 months ago
  35. 2ae45c5 Create sdk_sandbox_all. by Mugdha Lakhani · 2 years, 4 months ago
  36. 4479b9d Relax sepolicy for device_config_runtime_native_*. by Evgenii Stepanov · 2 years, 4 months ago
  37. 11ce689 Relax sepolicy for device_config_runtime_native_*. by Evgenii Stepanov · 2 years, 4 months ago
  38. f9a774f Disallow watch and watch_reads on apk_data_file for apps by Jeff Vander Stoep · 2 years, 5 months ago
  39. 87143bd Revert "Introduce a new sdk_sandbox domain" by Martin Stjernholm · 2 years, 4 months ago
  40. 3049624 Introduce a new sdk_sandbox domain by Mugdha Lakhani · 2 years, 6 months ago
  41. 4731a1e Merge "Add persist.sysui.notification.builder_extras_ovrd" am: cf1ac9a714 am: 939325600a am: 870aae8164 by Alexander Roederer · 2 years, 5 months ago
  42. cf1ac9a Merge "Add persist.sysui.notification.builder_extras_ovrd" by Alexander Roederer · 2 years, 5 months ago
  43. 2d0d80a Merge "Allow system server to set dynamic ART properties." am: 326d35c04b am: 1502d1e604 am: afd4aee92d by Jiakai Zhang · 2 years, 5 months ago
  44. 22fb5c7 Allow system server to set dynamic ART properties. by Jiakai Zhang · 2 years, 5 months ago
  45. 829d974 Add persist.sysui.notification.builder_extras_ovrd by Alexander Roederer · 2 years, 6 months ago
  46. 8c7932d Merge "Audit use of watch and watch_reads on apk_data_file" into udc-dev by Jeffrey Vander Stoep · 2 years, 5 months ago
  47. 3fbb177 Audit use of watch and watch_reads on apk_data_file by Jeff Vander Stoep · 2 years, 5 months ago
  48. 7ba4801 Remove implicit access for isolated_app by Thiébaud Weksteen · 2 years, 6 months ago
  49. 8d168e2 Sysprop for the count of active OOME tracing sessions by Ioannis Ilkos · 2 years, 7 months ago
  50. b9a365a Merge "sepolicy: rework perfetto producer/profiler rules for "user" builds" by Ryan Savitski · 2 years, 7 months ago
  51. 941ba72 sepolicy: rework perfetto producer/profiler rules for "user" builds by Ryan Savitski · 2 years, 7 months ago
  52. e092924 Add selinux permissions for DeviceAsWebcam Service by Avichal Rakesh · 2 years, 8 months ago
  53. 7602d0f Non app processes shouldn't be able to peek checkin data by Sumit Bhagwani · 2 years, 7 months ago
  54. ccf8014 Share isolated properties across islolated apps by Charles Chen · 2 years, 8 months ago
  55. 55d808c Start using virtmgr for running VMs by David Brazdil · 2 years, 9 months ago
  56. 5fcfbe4 Create virtmgr domain and initial policy by David Brazdil · 2 years, 10 months ago
  57. 080c579 Move get_prop rules from public/app.te to private/app.te by Sandro · 2 years, 10 months ago
  58. 3c614b2 Grant appdomain remove_name permission on user_profile_data_file. by Jiakai Zhang · 3 years ago
  59. 06f721e Merge "Allow all Apps to Recv UDP Sockets from SystemServer" am: c37a39c26d by Treehugger Robot · 3 years, 2 months ago
  60. 7295721 Allow all Apps to Recv UDP Sockets from SystemServer by Jeff Vander Stoep · 3 years, 2 months ago
  61. ba498b4 Merge "Allow apps to read system_user_mode_emulation_prop." am: c696791a7f am: d221f197c2 by Felipe Leme · 3 years, 5 months ago
  62. b85242c Allow apps to read system_user_mode_emulation_prop. by Felipe Leme · 3 years, 5 months ago
  63. a933980 Adds GPU sepolicy to support devices with DRM gralloc/rendering by Jason Macnak · 3 years, 6 months ago
  64. 365024e Adds GPU sepolicy to support devices with DRM gralloc/rendering by Jason Macnak · 3 years, 6 months ago
  65. b93f26f Move sdk_sandbox sepolicy to AOSP. by Bram Bonne · 3 years, 6 months ago
  66. 45a0b3a Merge "Add a persist.wm.debug property type and associated permissions" am: bd4cd1ac70 am: ded5bd867f am: 9a2c7ceb13 by Evan Rosky · 3 years, 6 months ago
  67. 5cfdf2b Add a persist.wm.debug property type and associated permissions by Evan Rosky · 3 years, 6 months ago
  68. e2da633 Rename SupplementalProcess to SdkSandbox by Nikita Ioffe · 3 years, 7 months ago
  69. 718ac20 Only allow supplemental_process to execute from read-only locations by Bram Bonne · 3 years, 8 months ago
  70. 1439870 Don't allow supplemental_process to access internal and external storage by Nikita Ioffe · 3 years, 8 months ago
  71. 269e7cf Move allow rules from public/app.te to private/app.te by Nikita Ioffe · 3 years, 8 months ago
  72. eb833f0 Move allow rules from public/app.te to private/app.te by Nikita Ioffe · 3 years, 8 months ago
  73. 78fc19e Allow app to get dck_prop am: f4e3b06683 am: aa383c8bd3 by Thierry Strudel · 3 years, 9 months ago
  74. aa383c8 Allow app to get dck_prop am: f4e3b06683 by Thierry Strudel · 3 years, 9 months ago
  75. 195149f Allow app to get dck_prop by Thierry Strudel · 3 years, 9 months ago
  76. f4e3b06 Allow app to get dck_prop by Thierry Strudel · 3 years, 9 months ago
  77. eaa18ce Initial sepolicy for supplemental process by RafayKamran · 3 years, 10 months ago
  78. b729aa6 Add context for checkin directory by Tianjie · 4 years ago
  79. 39f4970 SEPolicy for compos_verify_key. by Alan Stokes · 4 years ago
  80. 5e20d83 Add rules for virtualizationservice and crosvm by Jiyong Park · 4 years, 2 months ago
  81. d802bd8 Enable ART properties modularization by Calin Juravle · 4 years, 4 months ago
  82. 0b2ca6c Enable ART properties modularization by Calin Juravle · 4 years, 4 months ago
  83. 04c85dc Revert "Allow the MediaProvider app to set FUSE passthrough property" by liuyg · 4 years, 4 months ago
  84. c1e2918 Allow the MediaProvider app to set FUSE passthrough property by Alessio Balsini · 4 years, 4 months ago
  85. 13ee653 app.te: enable mapping ART apexdata cache executable by Orion Hodson · 4 years, 4 months ago
  86. b61bcc8 Allow appdomain sepolicy search access to /mnt/media_rw by Zim · 4 years, 5 months ago
  87. 4825e86 Allow apps to read apex_art_data_file:dir by Martijn Coenen · 4 years, 5 months ago
  88. 4f3a86d Revert "Allow CTS DeviceInfo to read VAB prop." by Yifan Hong · 4 years, 7 months ago
  89. ce1c4a5 Let apps read tombstones given to them. by Josh Gao · 4 years, 7 months ago
  90. 809eb75 Allow CTS DeviceInfo to read VAB prop. by Yifan Hong · 4 years, 7 months ago
  91. 9c3707f Add /data/fonts/files directory by Seigo Nonaka · 4 years, 8 months ago
  92. 8f75f76 Permissions for odrefresh and /data/misc/apexdata/com.android.art by Orion Hodson · 5 years ago
  93. 0cef0fe Add contexts for sqlite debug properties by Inseob Kim · 4 years, 10 months ago
  94. 4ae7ec1 Remove exported3_radio_prop by Inseob Kim · 5 years ago
  95. 67c3688 Allow vendor_init to set service.adb.tcp.port by Hongguang Chen · 5 years ago
  96. c97a97c Move more properties out of exported3_default_prop by Inseob Kim · 5 years ago
  97. c80b024 Relabel various exported3_default_prop by Inseob Kim · 5 years ago
  98. d2c0b7b Remove redundant get_prop rule by Inseob Kim · 5 years ago
  99. 212e2b6 Add property contexts for vts props by Inseob Kim · 5 years ago
  100. dddf6f5 Relabel media.recorder.show_manufacturer_and_model by Inseob Kim · 5 years ago