Skip to content
Snippets Groups Projects
Commit a3aa1db3 authored by Jeff Vander Stoep's avatar Jeff Vander Stoep Committed by Android Git Automerger
Browse files

am 0243e5cf: system_server.te: remove policy load permissions

* commit '0243e5cf':
  system_server.te: remove policy load permissions
parents 60442d18 0243e5cf
Branches
No related tags found
No related merge requests found
......@@ -360,9 +360,6 @@ r_dir_file(system_server, fscklogs)
allow system_server fscklogs:dir { write remove_name };
allow system_server fscklogs:file unlink;
# For SELinuxPolicyInstallReceiver
selinux_manage_policy(system_server)
# logd access, system_server inherit logd write socket
# (urge is to deprecate this long term)
allow system_server zygote:unix_dgram_socket write;
......
......@@ -247,18 +247,6 @@ allow $1 security_file:dir r_dir_perms;
allow $1 security_file:file r_file_perms;
')
#####################################
# selinux_manage_policy(domain)
# Ability to manage policy files and
# trigger runtime reload.
define(`selinux_manage_policy', `
security_access_policy($1)
allow $1 security_file:dir create_dir_perms;
allow $1 security_file:file create_file_perms;
allow $1 security_file:lnk_file { create rename unlink };
set_prop($1, security_prop)
')
#####################################
# mmac_manage_policy(domain)
# Ability to manage mmac policy files,
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment