* [PATCH 1/2] read permission over lnk_file to devices when android_cts enabled
@ 2012-07-30 18:24 Haiqing Jiang
2012-07-30 18:24 ` [PATCH 2/2] untrusted_app reads logs " Haiqing Jiang
0 siblings, 1 reply; 2+ messages in thread
From: Haiqing Jiang @ 2012-07-30 18:24 UTC (permalink / raw)
To: selinux; +Cc: sds, bill.c.roberts, Haiqing Jiang
---
cts.te | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diff --git a/cts.te b/cts.te
index 489be1a..3371410 100644
--- a/cts.te
+++ b/cts.te
@@ -31,6 +31,9 @@ allow appdomain system_file:file rx_file_perms;
allow appdomain apk_tmp_file:file rw_file_perms;
allow appdomain shell_data_file:file r_file_perms;
+# Read permission over link file to devices.
+allow appdomain dev_type:lnk_file read;
+
# Read routing information.
allow netdomain self:netlink_route_socket { create read write nlmsg_read };
--
1.7.0.4
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [PATCH 2/2] untrusted_app reads logs when android_cts enabled
2012-07-30 18:24 [PATCH 1/2] read permission over lnk_file to devices when android_cts enabled Haiqing Jiang
@ 2012-07-30 18:24 ` Haiqing Jiang
0 siblings, 0 replies; 2+ messages in thread
From: Haiqing Jiang @ 2012-07-30 18:24 UTC (permalink / raw)
To: selinux; +Cc: sds, bill.c.roberts, Haiqing Jiang
---
app.te | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)
diff --git a/app.te b/app.te
index b9b5a17..8b1aa53 100644
--- a/app.te
+++ b/app.te
@@ -120,6 +120,10 @@ bool app_ndk false;
if (app_ndk or android_cts) {
allow untrusted_app system_data_file:file { execute open };
}
+# Read Logs
+if (android_cts) {
+allow untrusted_app log_device:chr_file read;
+}
#
# Rules for all app domains.
--
1.7.0.4
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2012-07-30 18:24 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2012-07-30 18:24 [PATCH 1/2] read permission over lnk_file to devices when android_cts enabled Haiqing Jiang
2012-07-30 18:24 ` [PATCH 2/2] untrusted_app reads logs " Haiqing Jiang
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.