Blame - netd.te - fp2-dev/platform/external/sepolicy

blob: 47687dc7d9ce0f53e35e9fe8a3abf1932e43a199 [file] [log] [blame]

Stephen Smalley	2dd4e51	2012-01-04 12:33:27 -0500	[diff] [blame]	1	# network manager
				2	type netd, domain;
				3	type netd_exec, exec_type, file_type;
				4
				5	init_daemon_domain(netd)
				6	typeattribute netd mlstrustedsubject;
				7	allow netd self:capability { net_admin net_raw sys_module };
				8	allow netd self:netlink_kobject_uevent_socket *;
				9	allow netd self:netlink_route_socket *;
				10	allow netd self:netlink_nflog_socket *;
				11	allow netd self:rawip_socket *;
				12	allow netd self:udp_socket *;
				13	allow netd node:udp_socket node_bind;
				14	allow netd port:udp_socket name_bind;
				15	allow netd self:unix_stream_socket *;
				16	allow netd shell_exec:file rx_file_perms;
				17	allow netd system_file:file x_file_perms;
				18	allow netd devpts:chr_file rw_file_perms;
				19
				20	# For /proc/sys/net/ipv[46]/route/flush.
				21	# XXX Split /proc/sys/net into its own type.
				22	allow netd proc:file write;
				23
Stephen Smalley	c94e239	2012-01-06 10:25:53 -0500	[diff] [blame]	24	# For /sys/modules/bcmdhd/parameters/firmware_path
Stephen Smalley	2dd4e51	2012-01-04 12:33:27 -0500	[diff] [blame]	25	# XXX Split into its own type.
				26	allow netd sysfs:file write;
				27
Stephen Smalley	c94e239	2012-01-06 10:25:53 -0500	[diff] [blame]	28	# Network driver loading.
Stephen Smalley	2dd4e51	2012-01-04 12:33:27 -0500	[diff] [blame]	29	allow netd kernel:system module_request;
				30