Skip to content
Snippets Groups Projects
Commit f7a0cc51 authored by Nick Kralevich's avatar Nick Kralevich Committed by android-build-merger
Browse files

Add permissions back to app / shell domains 

am: 8ff6a86d

* commit '8ff6a86d':
  Add permissions back to app / shell domains
parents 781a4bed 8ff6a86d
Branches
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
app.te
+ 10
0
View file @ f7a0cc51
...@@ -29,6 +29,16 @@ allow appdomain zygote:process sigchld; ...@@ -29,6 +29,16 @@ allow appdomain zygote:process sigchld;
allow appdomain cgroup:dir { search write }; allow appdomain cgroup:dir { search write };
allow appdomain cgroup:file w_file_perms; allow appdomain cgroup:file w_file_perms;
# Read /data/dalvik-cache.
allow appdomain dalvikcache_data_file:dir { search getattr };
allow appdomain dalvikcache_data_file:file r_file_perms;
# Read the /sdcard symlink
allow appdomain rootfs:lnk_file r_file_perms;
# Search /storage/emulated tmpfs mount.
allow appdomain tmpfs:dir r_dir_perms;
userdebug_or_eng(` userdebug_or_eng(`
# Notify zygote of the wrapped process PID when using --invoke-with. # Notify zygote of the wrapped process PID when using --invoke-with.
allow appdomain zygote:fifo_file write; allow appdomain zygote:fifo_file write;
......
shell.te
+ 3
0
View file @ f7a0cc51
...@@ -25,6 +25,9 @@ userdebug_or_eng(` ...@@ -25,6 +25,9 @@ userdebug_or_eng(`
allow shell adbd:fd use; allow shell adbd:fd use;
allow shell adbd:unix_stream_socket { read write ioctl getattr }; allow shell adbd:unix_stream_socket { read write ioctl getattr };
# Root fs.
allow shell rootfs:dir r_dir_perms;
# read files in /data/anr # read files in /data/anr
allow shell anr_data_file:dir r_dir_perms; allow shell anr_data_file:dir r_dir_perms;
allow shell anr_data_file:file r_file_perms; allow shell anr_data_file:file r_file_perms;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment