security: update SELinux section.
Bug: 8776692
Change-Id: Id6d4ed1ef701202d68d8066df7b001f5fff983c7
diff --git a/src/devices/tech/security/enhancements43.jd b/src/devices/tech/security/enhancements43.jd
index 4ecae12..277e010 100644
--- a/src/devices/tech/security/enhancements43.jd
+++ b/src/devices/tech/security/enhancements43.jd
@@ -9,11 +9,13 @@
<ul>
<li><strong>Android sandbox reinforced with SELinux.</strong>
- Android now uses SELinux,
- a mandatory access control (MAC) system in the Linux kernel originally
- designed for government security, to augment the UID based Application
- sandbox. This protects the operating system against potential security
- vulnerabilities.</li>
+ This release strengthens the Android sandbox using the SELinux
+ mandatory access control system (MAC) in the Linux kernel. SELinux
+ reinforcement is invisible to users and developers, and adds robustness
+ to the existing Android security model while maintaining compatibility
+ with existing applications. To ensure continued compatibility this release
+ allows the use of SELinux in a permissive mode. This mode logs any policy
+ violations, but will not break applications or affect system behavior.</li>
<li><strong>No setuid/setgid programs.</strong>
Added support for filesystem capabilities