commit | 90ccbcf3beffc8ca9a98a44476bf1778603d5671 | [log] [tgz] |
---|---|---|
author | Jeff Vander Stoep <jeffv@google.com> | Tue Apr 26 11:29:14 2016 -0700 |
committer | Liisa Anttonen <liisa.anttonen@nedevicesw.com> | Wed Dec 14 10:10:37 2016 +0200 |
tree | 2de82a9ef1cbb9992e2f21841dafd92fcdd20924 | |
parent | c47a11bc43bc9d772a1a0567e1e3a2ba1b7c36ec [diff] |
Further restrict socket ioctls available to apps Restrict unix_dgram_socket and unix_stream_socket to a whitelist for all domains. Remove ioctl permission for netlink_selinux_socket and netlink_route_socket for netdomain. Bug: 28171804 Bug: 27424603 Change-Id: I650639115b8179964ae690a39e4766ead0032d2e