Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / external / sepolicy / af9238c9b801325a289b5766fc9dc7a86d4dd0f5
  1. af9238c Confine mediaserver, but leave it permissive for now. by Stephen Smalley · 11 years ago
  2. 5637099 Confine all app domains, but make them permissive for now. by Stephen Smalley · 11 years ago
  3. d7fd22e Confine bluetooth app. by Stephen Smalley · 11 years ago
  4. 28a711c Merge "Move unconfined domains out of permissive mode." by Nick Kralevich · 11 years ago
  5. 84d8831 Clarify the expectations for the unconfined template. by Nick Kralevich · 11 years ago
  6. 353c72e Move unconfined domains out of permissive mode. by Nick Kralevich · 11 years ago
  7. 610a4b1 tools: update lengths from int to size_t by William Roberts · 11 years ago
  8. 6184629 tools: require that seinfo and packagename be used by William Roberts · 11 years ago
  9. d1f1070 tools: drop unused field in struct by William Roberts · 11 years ago
  10. 1413833 tools: Strengthen BEGIN/END CERTIFICATE checks by William Roberts · 11 years ago
  11. 070c01f tools: Don't error out of insertkeys script on whitespace by Mike Palmiotto · 11 years ago
  12. 0b8c20e Allow apps to use the USB Accessory functionality by Nick Kralevich · 11 years ago
  13. ce90fc4 Merge "tools: Correct insert keys behavior on pem files" by Nick Kralevich · 11 years ago
  14. 1ecb4e8 tools: Correct insert keys behavior on pem files by William Roberts · 11 years ago
  15. 85c5fc2 Start confining ueventd by William Roberts · 11 years ago
  16. ec7d39b Introduce controls on wake lock interface by William Roberts · 11 years ago
  17. 8d68831 Restrict access to /dev/hw_random to system_server and init. by Alex Klyubin · 11 years ago
  18. 109f9e6 Merge "Restore netdomain allow rules." by Nick Kralevich · 11 years ago
  19. ede81a8 Merge "Except the shell domain from the transition neverallow rule." by Nick Kralevich · 11 years ago
  20. 5554075 Label adb keys file and allow access to it. by Stephen Smalley · 11 years ago
  21. ca0759b Restore netdomain allow rules. by Stephen Smalley · 11 years ago
  22. 5708544 Except the shell domain from the transition neverallow rule. by Stephen Smalley · 11 years ago
  23. 513fb85 Merge "Label and allow access to /data/system/ndebugsocket." by Nick Kralevich · 11 years ago
  24. 10f3c37 Merge "Make sure exec_type is assigned to all entrypoint types." by Nick Kralevich · 11 years ago
  25. 5c94723 Merge "Expand the set of neverallow rules applied to app domains." by Geremy Condra · 11 years ago
  26. 2a273ad Expand the set of neverallow rules applied to app domains. by Stephen Smalley · 11 years ago
  27. 45ba665 Label and allow access to /data/system/ndebugsocket. by Stephen Smalley · 11 years ago
  28. 42c7357 Merge "Isolate untrusted app ptys from other domains." by Geremy Condra · 11 years ago
  29. 0130154 Make sure exec_type is assigned to all entrypoint types. by Stephen Smalley · 11 years ago
  30. b0712c1 Remove /data/local/tmp/selinux entry. by Stephen Smalley · 11 years ago
  31. 2dc4acf Isolate untrusted app ptys from other domains. by Stephen Smalley · 11 years ago
  32. 189558f Remove legacy entries from crespo (Nexus S). by Stephen Smalley · 11 years ago
  33. e9c4181 zygote.te: fix comment. by Nick Kralevich · 11 years ago
  34. 199fc73 Revert "Give Zygote the ability to write app data files." by Nick Kralevich · 11 years ago
  35. 7aba0bc Allow file types to be associated with the rootfs. by Stephen Smalley · 11 years ago
  36. 567ee41 Label /dev/socket/gps with its own type. by Stephen Smalley · 11 years ago
  37. 4caf8c9 Label /dev/socket/mdns with its own type. by Stephen Smalley · 11 years ago
  38. 755cb39 Merge changes Ia473e29d,Ic500af7b by Nick Kralevich · 11 years ago
  39. 54d92dc Merge "Extend to check indirect allow rules and conditional rules." by Nick Kralevich · 11 years ago
  40. 4103b3f 2/2: Rename domain "system" to "system_server". by Alex Klyubin · 11 years ago
  41. 1fdee11 1/2: Rename domain "system" to "system_server". by Alex Klyubin · 11 years ago
  42. a770f55 Remove dbusd policy; dbusd is no more. by Stephen Smalley · 11 years ago
  43. 1d435de Remove bluetoothd policy; bluetoothd is no more. by Stephen Smalley · 11 years ago
  44. 8840fa7 Split system_app from system. by Stephen Smalley · 11 years ago
  45. a62d5c6 Drop obsolete comments about SEAndroidManager. by Stephen Smalley · 11 years ago
  46. c084503 Remove sys_nice capability from domains. by Stephen Smalley · 11 years ago
  47. d1f448d Merge changes Icd71c967,I3fd90ad9 by Nick Kralevich · 11 years ago
  48. 29326ed Drop domain write access to sysfs for the emulator. by Stephen Smalley · 11 years ago
  49. 0f7641d Label all files under /sys/qemu_trace with sysfs_writable. by Stephen Smalley · 11 years ago
  50. 17454cf Do not permit appdomain to create/write to download_file. by Stephen Smalley · 11 years ago
  51. 5b00f22 Remove duplicated rules between appdomain and isolated_app. by Stephen Smalley · 11 years ago
  52. 640991b Extend to check indirect allow rules and conditional rules. by Stephen Smalley · 11 years ago
  53. a24a991 Allow apps to execute app_data_files by Nick Kralevich · 11 years ago
  54. a247705 Permit writing to /dev/random and /dev/urandom. by Alex Klyubin · 11 years ago
  55. 34a8e12 Permit installd to unlink all types of data_file_type. by Alex Klyubin · 11 years ago
  56. a473e29 write_klog also requires write permission to the directory. by Stephen Smalley · 11 years ago
  57. 79e084f Allow access to /data/security/current symbolic link. by Stephen Smalley · 11 years ago
  58. 9af6f1b Drop -d option on insertkeys.py in Android.mk by William Roberts · 11 years ago
  59. 21d13e9 Merge "Fix more long-tail denials." by Geremy Condra · 11 years ago
  60. 217f8af Fix more long-tail denials. by Geremy Condra · 11 years ago
  61. 66826d5 Merge "Fix miscellaneous long-tail denials." by Geremy Condra · 11 years ago
  62. 2f40a17 Revert "Add the ability to write shell files to the untrusted_app domain." by Nick Kralevich · 11 years ago
  63. d615ef3 Fix miscellaneous long-tail denials. by Geremy Condra · 11 years ago
  64. fc2bd01 Give Zygote the ability to write app data files. by Geremy Condra · 11 years ago
  65. 8156073 Fix denials encountered while getting bugreports. by Geremy Condra · 11 years ago
  66. 765e95f Merge "quash SELinux denial for healthd" by dcashman · 11 years ago
  67. 3fada57 am cec3c1e4: am e0362602: Add capabilities to Zygote to fix valgrind. by Geremy Condra · 11 years ago
  68. cec3c1e am e0362602: Add capabilities to Zygote to fix valgrind. by Geremy Condra · 11 years ago
  69. 758d033 quash SELinux denial for healthd by dcashman · 11 years ago
  70. e036260 Add capabilities to Zygote to fix valgrind. by Geremy Condra · 11 years ago
  71. 2b8512c Merge "Add sepolicy-check, a utility for auditing selinux policy." by Geremy Condra · 11 years ago
  72. 01aaeb6 Add sepolicy-check, a utility for auditing selinux policy. by Geremy Condra · 11 years ago
  73. 7d7ab56 am 81cdd6c6: am 1b46b2fe: Fix insertkeys.py to resolve keys.conf path entries in a portable way by Richard Haines · 11 years ago
  74. 81cdd6c am 1b46b2fe: Fix insertkeys.py to resolve keys.conf path entries in a portable way by Richard Haines · 11 years ago
  75. bcefbf5 am 553bafef: am 29d0d406: Add the ability to write shell files to the untrusted_app domain. by Geremy Condra · 11 years ago
  76. 553bafe am 29d0d406: Add the ability to write shell files to the untrusted_app domain. by Geremy Condra · 11 years ago
  77. 29d0d40 Add the ability to write shell files to the untrusted_app domain. by Geremy Condra · 11 years ago
  78. 1e9081a am b74efd33: (-s ours) Reconcile with klp-release - do not merge by The Android Open Source Project · 11 years ago
  79. b74efd3 Reconcile with klp-release - do not merge by The Android Open Source Project · 11 years ago
  80. 1b46b2f Fix insertkeys.py to resolve keys.conf path entries in a portable way by Richard Haines · 11 years ago
  81. 6db3c2d merge in klp-release history after reset to master by The Android Automerger · 11 years ago
  82. ab7dfab Fix clatd, broken by selinux policing /dev/tun by Lorenzo Colitti · 11 years ago
  83. 3411f78 merge in klp-release history after reset to master by The Android Automerger · 11 years ago
  84. 32c0dbd Merge "healthd: add sepolicy" by Todd Poynor · 11 years ago
  85. ebdbc2f merge in klp-release history after reset to master by The Android Automerger · 11 years ago
  86. 7cda86e Permit apps to bind TCP/UDP sockets to a hostname by Alex Klyubin · 11 years ago
  87. 08711d3 Move isolated_app.te / untrusted_app.te into permissive by Nick Kralevich · 11 years ago
  88. 24617fc Move isolated_app.te / untrusted_app.te into permissive by Nick Kralevich · 11 years ago
  89. 59faed0 Allow apps to create listening ports by Nick Kralevich · 11 years ago
  90. 73e859c merge in klp-release history after reset to master by The Android Automerger · 11 years ago
  91. 2637198 Only init should be able to load a security policy by Nick Kralevich · 11 years ago
  92. 8a2ebe3 Temporarily allow untrusted apps to read shell data files. by Nick Kralevich · 11 years ago
  93. 0b5b4fa Merge "untrusted_app.te / isolated_app.te / app.te first pass" by Nick Kralevich · 11 years ago
  94. 3632bb2 Remove /sys from file_contexts by Nick Kralevich · 11 years ago
  95. ceff21b Merge "domain.te: Temporarily work around debuggerd connection bug" by Nick Kralevich · 11 years ago
  96. 5919d1c domain.te: Temporarily work around debuggerd connection bug by Nick Kralevich · 11 years ago
  97. caf7531 merge in klp-release history after reset to master by The Android Automerger · 11 years ago
  98. 6634a10 untrusted_app.te / isolated_app.te / app.te first pass by Nick Kralevich · 11 years ago
  99. 9a19885 remove "self:process ptrace" from domain, netd neverallow rules by Nick Kralevich · 11 years ago
  100. 748fdef Move *_app into their own file by Nick Kralevich · 11 years ago