commit | df48bd2ca88a94225fbc074d7fe5b542c3d490c8 | [log] [tgz] |
---|---|---|
author | Stephen Smalley <sds@tycho.nsa.gov> | Wed May 14 08:58:06 2014 -0400 |
committer | Stephen Smalley <sds@tycho.nsa.gov> | Wed May 14 08:58:06 2014 -0400 |
tree | 376064e4936affe5ec48300734b93bbea1496c72 | |
parent | f78fb4e0c8ae49bb73e691a37de00f2d5b66f9e1 [diff] |
Remove zygote write access to system_data_file. These rules seem to be a legacy of old Android or perhaps old policy before we began splitting types on /data. I have not been able to trigger the auditallow rules on AOSP master. Reduce the rules to only read access to system data. If we need write access to some specific directory under /data, we should introduce a type for it. Change-Id: I780835950cc366c97b7d0901fc73527d9ea479b1 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>