From 2e251461fcbb5ef982158c5009ba1ff84796d7ed Mon Sep 17 00:00:00 2001 From: Nick Kralevich <nnk@google.com> Date: Thu, 11 Oct 2018 10:17:41 -0700 Subject: [PATCH] remove system_app proc_net_type access The auditallow added in 7a4af30b3 has not triggered. This is safe to remove. Test: device boots and no obvious problems. Test: No audit messages seen since May 2018 on go/sedenials Bug: 9496886 Bug: 68016944 Change-Id: I3861b462467e1fc31e67a263ad06716a4111dcb8 --- private/system_app.te | 7 ------- 1 file changed, 7 deletions(-) diff --git a/private/system_app.te b/private/system_app.te index 4bfcc18f4..ed19b82f5 100644 --- a/private/system_app.te +++ b/private/system_app.te @@ -110,13 +110,6 @@ allow system_app keystore:keystore_key { user_changed }; -# /proc/net access. -# TODO(b/9496886) Audit access for removal. -r_dir_file(system_app, proc_net_type) -userdebug_or_eng(` - auditallow system_app proc_net_type:{ dir file lnk_file } { getattr open read }; -') - # settings app reads /proc/version allow system_app { proc_version -- GitLab