diff --git a/private/screencap.te b/private/screencap.te
index 764880f55273a21dc452d7bca95d22a1e7e56ed1..d6bf489a902e5771a865659a034e644f5565319f 100644
--- a/private/screencap.te
+++ b/private/screencap.te
@@ -1,4 +1,3 @@
-type screencap, domain;
 type screencap_exec, exec_type, file_type;
 
 typeattribute screencap coredomain;
@@ -35,6 +34,8 @@ allow screencap mnt_user_file:dir search;
 allow screencap mnt_user_file:lnk_file read;
 allow screencap sdcardfs:dir { search write };
 allow screencap sdcardfs:file { open write };
+allow screencap shell_data_file:file create_file_perms;
+allow screencap shell_data_file:dir rw_dir_perms;
 allow screencap storage_file:dir search;
 allow screencap storage_file:lnk_file read;
 allow screencap tmpfs:dir search;
diff --git a/public/domain.te b/public/domain.te
index f5c72cc4d5806e6fdbf1bc82567a4c34972bf79f..aca976c67092003b9f21f0b55a6e5797540f512f 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -924,6 +924,7 @@ neverallow {
   -dumpstate
   -installd
   -init
+  -screencap
   -shell
   -vold
 } shell_data_file:dir no_w_dir_perms;
@@ -935,6 +936,7 @@ neverallow {
   -dumpstate
   -init
   -installd
+  -screencap
   -system_server # why?
   userdebug_or_eng(`-uncrypt')
 } shell_data_file:dir { open search };
@@ -947,6 +949,7 @@ neverallow {
   -appdomain
   -dumpstate
   -installd
+  -screencap
   userdebug_or_eng(`-uncrypt')
 } shell_data_file:file open;
 
diff --git a/public/screencap.te b/public/screencap.te
new file mode 100644
index 0000000000000000000000000000000000000000..ad8639f0abd4116bfa400de48f11e1a9943830cd
--- /dev/null
+++ b/public/screencap.te
@@ -0,0 +1 @@
+type screencap, domain;