From d8bec4ac7209076d374e15afee7874a6ed94db0c Mon Sep 17 00:00:00 2001
From: Jeff Vander Stoep <jeffv@google.com>
Date: Tue, 15 Jan 2019 20:31:01 -0800
Subject: [PATCH] app: remove redundant neverallow rule

Access to zygote_socket is already neverallowed to
{ domain -system_server }.

Test: build
Change-Id: I6353ef09f769c8d64c97b1bdef93f0ab4d5dae6a
---
 public/app.te | 1 -
 1 file changed, 1 deletion(-)

diff --git a/public/app.te b/public/app.te
index 0a5f0b4e7..6e760d100 100644
--- a/public/app.te
+++ b/public/app.te
@@ -404,7 +404,6 @@ neverallow appdomain socket_device:sock_file write;
 # Unix domain sockets.
 neverallow appdomain adbd_socket:sock_file write;
 neverallow { appdomain -radio } rild_socket:sock_file write;
-neverallow appdomain zygote_socket:sock_file write;
 
 # ptrace access to non-app domains.
 neverallow appdomain { domain -appdomain }:process ptrace;
-- 
GitLab