From ecb00a109c7dcf4c29c93b2ac64db3585d303f3f Mon Sep 17 00:00:00 2001
From: Jeff Vander Stoep <jeffv@google.com>
Date: Tue, 8 Jan 2019 10:22:01 -0800
Subject: [PATCH] audit use of net.dns. property

Bug: 33308258
Test: atest CtsSelinuxTargetSdk25TestCases
Change-Id: Ifeceecec7b2f38ebd38b6693712b8f65ee24dc5d
---
 private/untrusted_app_25.te | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/private/untrusted_app_25.te b/private/untrusted_app_25.te
index 6f92ef5bb..7bf5f991c 100644
--- a/private/untrusted_app_25.te
+++ b/private/untrusted_app_25.te
@@ -26,9 +26,10 @@ untrusted_app_domain(untrusted_app_25)
 net_domain(untrusted_app_25)
 bluetooth_domain(untrusted_app_25)
 
-# b/34115651 - net.dns* properties read
+# b/34115651, b/33308258 - net.dns* properties read
 # This will go away in a future Android release
 get_prop(untrusted_app_25, net_dns_prop)
+auditallow untrusted_app_25 net_dns_prop:file read;
 
 # b/35917228 - /proc/misc access
 # This will go away in a future Android release
-- 
GitLab