More granular vendor access to /system files. (5c1fe61e) · Commits · CodeLinaro / public-release-test / platform / system / sepolicy

Commit 5c1fe61e authored 6 years ago by Tri Vo

More granular vendor access to /system files.

This change limits global access to /system files down to:
/system/bin/linker*
/system/lib[64]/*
/system/etc/ld.config*
/system/etc/seccomp_policy/*
/system/etc/security/cacerts/*
/system/usr/share/zoneinfo/*

Bug: 111243627
Test: boot device, browse internet without denials to system_* types.
Test: VtsHalDrmV1_{1, 0}TargetTest without denials
Change-Id: I69894b29733979c2bc944ac80229e84de5d519f4

parent 342362ae

No related branches found

No related tags found

Hide whitespace changes

Inline Side-by-side

Showing with 76 additions and 29 deletions

Please register or to comment