Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / external / sepolicy / 867030517724036b64fcaf39deaba1b27f3ca77e
  1. 8670305 Remove world-read access to /data/dalvik-cache/profiles by Nick Kralevich · 10 years ago
  2. b0ee91a Merge "Add SELinux rules for service_manager." by Nick Kralevich · 10 years ago
  3. f90c41f Add SELinux rules for service_manager. by Riley Spahn · 10 years ago
  4. a2e4e26 Allow shell to read/search /dev/input directory. by Stephen Smalley · 10 years ago
  5. 62af838 Merge "Allow installd to chown/chmod app data files." by Nick Kralevich · 10 years ago
  6. 89b9ff7 Allow installd to chown/chmod app data files. by Stephen Smalley · 10 years ago
  7. 7c11bdc Allow dnsmasq to inherit/use netd UDP socket. by Stephen Smalley · 10 years ago
  8. 42fb824 Refactor the shell domains. by Stephen Smalley · 10 years ago
  9. 13d5886 system_server: Adds permission to system_server to write sysfs file by Ruchi Kandoi · 10 years ago
  10. f4e6902 recovery: don't use single quote by Nick Kralevich · 10 years ago
  11. a8281ad dumpstate: allow pstore access by Nick Kralevich · 10 years ago
  12. b2ed044 dumpstate: allow gpu_device access by Nick Kralevich · 10 years ago
  13. 7fd03e9 Merge "remove shell_data_file from unconfined." by Nick Kralevich · 10 years ago
  14. ac23ff9 Merge "label usbfs" by Nick Kralevich · 10 years ago
  15. e79433d Merge "add attach_queue to tun_socket" by Nick Kralevich · 10 years ago
  16. ddc9025 Merge "Refine recovery domain." by Nick Kralevich · 10 years ago
  17. 442b6f1 Merge "allow adb push to create directories." by Nick Kralevich · 10 years ago
  18. 7ada3bd Merge "surfaceflinger: remove unconfined domain reference." by Nick Kralevich · 10 years ago
  19. 5a5fb85 label usbfs by Nick Kralevich · 10 years ago
  20. a1cd65b Make dumpstate domain enforcing. by Nick Kralevich · 11 years ago
  21. b53e84a surfaceflinger: remove unconfined domain reference. by Nick Kralevich · 10 years ago
  22. d159122 Make system_app enforcing. by Stephen Smalley · 11 years ago
  23. 6bb672e Make the system_server domain enforcing. by Stephen Smalley · 11 years ago
  24. 98b7ab5 allow adb push to create directories. by Nick Kralevich · 10 years ago
  25. 8b7ca45 Refine recovery domain. by Nick Kralevich · 10 years ago
  26. ee49c0e remove shell_data_file from unconfined. by Nick Kralevich · 10 years ago
  27. d7af45d add attach_queue to tun_socket by Nick Kralevich · 10 years ago
  28. 90cb59f Merge "Remove domain unlabeled access." by Nick Kralevich · 10 years ago
  29. 4fd4a20 Allow adbd / shell /data/anr access by Nick Kralevich · 10 years ago
  30. 0341e1a Merge "Don't grant domain device:dir rw_dir_perms" by Nick Kralevich · 10 years ago
  31. a03d761 refine recovery domain. by Nick Kralevich · 10 years ago
  32. 2bcea0a Don't grant domain device:dir rw_dir_perms by Nick Kralevich · 10 years ago
  33. dde428a Merge "More recovery rules" by Nick Kralevich · 10 years ago
  34. 3d2eb27 Merge "Make racoon enforcing." by Nick Kralevich · 10 years ago
  35. 03dbf07 More recovery rules by Nick Kralevich · 10 years ago
  36. 5eaa0af Merge "Allow system_server access to /data/media files passed via Binder." by Nick Kralevich · 10 years ago
  37. d2622fd Allow installd to stat asec files and /data/media files. by Stephen Smalley · 10 years ago
  38. 2cc6d63 Allow system_server access to /data/media files passed via Binder. by Stephen Smalley · 10 years ago
  39. 84ed890 Merge adf_device into graphics_device by Nick Kralevich · 10 years ago
  40. cb23ca9 Remove domain unlabeled access. by Stephen Smalley · 10 years ago
  41. 6f6c425 Adjust rules around /data/app entities by Christopher Tate · 10 years ago
  42. 86b05c4 Merge "Remove obsolete vdc rule." by Nick Kralevich · 10 years ago
  43. 6399f40 Merge "add execmod to various app domains" by Nick Kralevich · 10 years ago
  44. 24b5622 Remove obsolete vdc rule. by Nick Kralevich · 11 years ago
  45. dda7fb8 am bd0262c9: Add ocontext for F2FS by JP Abgrall · 10 years ago
  46. bd0262c Add ocontext for F2FS by JP Abgrall · 10 years ago
  47. 78706f9 add execmod to various app domains by Nick Kralevich · 10 years ago
  48. e541f30 am 3957ae73: Merge "recovery: enable permissive_or_unconfined" by Nick Kralevich · 10 years ago
  49. 3957ae7 Merge "recovery: enable permissive_or_unconfined" by Nick Kralevich · 10 years ago
  50. f094e58 am 715023eb: Merge "Changed unconfined process policy to a whitelist." by Daniel Cashman · 10 years ago
  51. 715023e Merge "Changed unconfined process policy to a whitelist." by Daniel Cashman · 10 years ago
  52. 52dcc94 Changed unconfined process policy to a whitelist. by Riley Spahn · 10 years ago
  53. 4203981 recovery: enable permissive_or_unconfined by Nick Kralevich · 10 years ago
  54. 8571ed1 am 8b7545bf: Build the selinux_version file. by Robert Craig · 10 years ago
  55. 8b7545b Build the selinux_version file. by Robert Craig · 11 years ago
  56. 7ac8800 am 3235f61a: Restrict /data/security and setprop selinux.reload_policy access. by Stephen Smalley · 10 years ago
  57. ffdcb2e Make racoon enforcing. by Stephen Smalley · 10 years ago
  58. 3235f61 Restrict /data/security and setprop selinux.reload_policy access. by Stephen Smalley · 10 years ago
  59. ffbba62 am e60723ab: Create a separate recovery policy. by Stephen Smalley · 10 years ago
  60. e60723a Create a separate recovery policy. by Stephen Smalley · 10 years ago
  61. 7b601c3 am ac664270: Merge "Only auditallow unlabeled accesses not allowed elsewhere." by Nick Kralevich · 10 years ago
  62. 871b832 am 73b0346a: Explictly allow init and kernel unlabeled access. by Stephen Smalley · 10 years ago
  63. ac66427 Merge "Only auditallow unlabeled accesses not allowed elsewhere." by Nick Kralevich · 10 years ago
  64. 73b0346 Explictly allow init and kernel unlabeled access. by Stephen Smalley · 10 years ago
  65. 2c8bf56 Only auditallow unlabeled accesses not allowed elsewhere. by Stephen Smalley · 10 years ago
  66. e3a92d5 am f85c1fc2: Allow installd, vold, system_server unlabeled access. by Stephen Smalley · 10 years ago
  67. f85c1fc Allow installd, vold, system_server unlabeled access. by Stephen Smalley · 10 years ago
  68. c025438 am eb1bbf26: Clean up kernel, init, and recovery domains. by Stephen Smalley · 10 years ago
  69. eb1bbf2 Clean up kernel, init, and recovery domains. by Stephen Smalley · 10 years ago
  70. 24cf6d6 am 4553074c: Merge "Remove /system write from unconfined" by Nick Kralevich · 10 years ago
  71. 4553074 Merge "Remove /system write from unconfined" by Nick Kralevich · 10 years ago
  72. 03ce512 Remove /system write from unconfined by Nick Kralevich · 10 years ago
  73. 2c6fbb3 am d6aa23df: Merge "Label ril.cdma with radio_prop." by Nick Kralevich · 10 years ago
  74. d6aa23d Merge "Label ril.cdma with radio_prop." by Nick Kralevich · 10 years ago
  75. 040b21d am ad0d0fc7: Protect /data/property. by Stephen Smalley · 10 years ago
  76. ad0d0fc Protect /data/property. by Stephen Smalley · 10 years ago
  77. 3a09987 Label ril.cdma with radio_prop. by Stephen Smalley · 10 years ago
  78. 8c49978 am c8859c2d: Merge "remove syslog_* from unconfined" by Nick Kralevich · 10 years ago
  79. c8859c2 Merge "remove syslog_* from unconfined" by Nick Kralevich · 10 years ago
  80. 0d5df96 am 8dd5053f: Merge "Restore system_app access to system-owned /data directories." by Nick Kralevich · 10 years ago
  81. 8dd5053 Merge "Restore system_app access to system-owned /data directories." by Nick Kralevich · 10 years ago
  82. 685e2f9 remove syslog_* from unconfined by Nick Kralevich · 10 years ago
  83. 9c463fe am 27c702dd: Merge "dontaudit su" by Nick Kralevich · 10 years ago
  84. 87fa264 am f821b5a7: allow shell dmesg by Nick Kralevich · 10 years ago
  85. 27c702d Merge "dontaudit su" by Nick Kralevich · 10 years ago
  86. f821b5a allow shell dmesg by Nick Kralevich · 10 years ago
  87. 8e215cf am ba176c5f: Merge "Define SELinux policy for RELRO sharing support." by Torne (Richard Coles) · 10 years ago
  88. ba176c5 Merge "Define SELinux policy for RELRO sharing support." by Torne (Richard Coles) · 10 years ago
  89. af7deff dontaudit su by Nick Kralevich · 10 years ago
  90. f1ea707 Restore system_app access to system-owned /data directories. by Stephen Smalley · 10 years ago
  91. 7149486 am 0cefb701: Merge "Remove setting /proc/self/attr/* from unconfined." by Nick Kralevich · 10 years ago
  92. 0cefb70 Merge "Remove setting /proc/self/attr/* from unconfined." by Nick Kralevich · 10 years ago
  93. de49e37 am f4ede35c: Merge "Assert executable content (mostly) only loaded from /system" by Nick Kralevich · 10 years ago
  94. f4ede35 Merge "Assert executable content (mostly) only loaded from /system" by Nick Kralevich · 10 years ago
  95. c3e27bd am 8599e34b: Introduce wakelock_use() by Nick Kralevich · 10 years ago
  96. f853715 Remove setting /proc/self/attr/* from unconfined. by Stephen Smalley · 10 years ago
  97. 9786af2 Define SELinux policy for RELRO sharing support. by Torne (Richard Coles) · 10 years ago
  98. 629fbc9 Assert executable content (mostly) only loaded from /system by Nick Kralevich · 10 years ago
  99. 8599e34 Introduce wakelock_use() by Nick Kralevich · 10 years ago
  100. befe065 am ccb9f7a1: Merge "Label /dev/socket/zygote_secondary" by Nick Kralevich · 10 years ago