Skip to content
Snippets Groups Projects
Normal view History Permalink
system_server.te 694 B
Newer Older
dcashman's avatar
Split general policy into public and private components.
dcashman committed
1 2 3 4 5 6 
# type_transition must be private policy the domain_trans rules could stay
# public, but conceptually should go with this
# Define a type for tmpfs-backed ashmem regions.
tmpfs_domain(system_server)
# Create a socket for connections from debuggerd.
type_transition system_server system_data_file:sock_file system_ndebug_socket "ndebugsocket";
dcashman's avatar
sepolicy: add version_policy tool and version non-platform policy.  
dcashman committed
7 8 9 10 11 12 13 14 15 

allow system_server zygote_tmpfs:file read;

# Create a socket for receiving info from wpa.
type_transition system_server wifi_data_file:sock_file system_wpa_socket;
type_transition system_server wpa_socket:sock_file system_wpa_socket;

# TODO: deal with tmpfs_domain pub/priv split properly
neverallow system_server system_server_tmpfs:file execute;