-
dcashman authored
All domains are currently granted list and find service_manager permissions, but this is not necessary. Pare the permissions which did not trigger any of the auditallow reporting. Bug: 18106000 Change-Id: Ie0ce8de2af8af2cbe4ce388a2dcf4534694c994a
cd82557d
nfc.te 679 B
# nfc subsystem
type nfc, domain;
app_domain(nfc)
net_domain(nfc)
binder_service(nfc)
# Set NFC properties
unix_socket_connect(nfc, property, init)
allow nfc nfc_prop:property_service set;
# NFC device access.
allow nfc nfc_device:chr_file rw_file_perms;
# Data file accesses.
allow nfc nfc_data_file:dir create_dir_perms;
allow nfc nfc_data_file:notdevfile_class_set create_file_perms;
allow nfc sysfs_nfc_power_writable:file rw_file_perms;
allow nfc sysfs:file write;
allow nfc mediaserver_service:service_manager find;
allow nfc nfc_service:service_manager add;
allow nfc surfaceflinger_service:service_manager find;
allow nfc system_server_service:service_manager find;