Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / external / sepolicy / refs/tags/FP2-open-16.11.0 / system_server.te
  1. aaecd1e allow system_server to set ro.build.fingerprint by Nick Kralevich · 10 years ago
  2. 2d1650f allow system_server to set kernel scheduling priority by Nick Kralevich · 10 years ago
  3. 51bfecf Pull keychain-data policy out of system-data by Robin Lee · 10 years ago
  4. 2380d05 allow system_server oemfs read access by Nick Kralevich · 10 years ago
  5. 47bd730 Add support for factory reset protection. by dcashman · 10 years ago
  6. de08be8 Allow system reset_uid, sync_uid, password_uid by Robin Lee · 10 years ago
  7. 372d0df Remove system_server create access from /data/dalvik-cache by Brian Carlstrom · 10 years ago
  8. 997461b Allow system_server to talk to netlink directly. by Sreeram Ramachandran · 10 years ago
  9. aa8e657 Revert "fix system_server dex2oat exec" by Narayan Kamath · 10 years ago
  10. bf69632 DO NOT MERGE: Remove service_manager audit_allows. by Riley Spahn · 10 years ago
  11. d263576 Remove auditallow from system_server. by Riley Spahn · 10 years ago
  12. 344fc10 Add access control for each service_manager action. by Riley Spahn · 10 years ago
  13. 10370f5 fix system_server dex2oat exec by Nick Kralevich · 10 years ago
  14. 81839df reconcile aosp (3a8c5dc05fb7696dd81b8a7c1b2524224154e8ea) after branching. Please do not merge. by Ed Heyl · 10 years ago
  15. 5d60f04 sepolicy: allow system server to remove cgroups by Colin Cross · 10 years ago
  16. d8447fd Typedef+rules for SysSer to access persistent block device by Andres Morales · 10 years ago
  17. be092af Rules to allow installing package directories. by Jeff Sharkey · 10 years ago
  18. d00eff4 system_server: bring back sdcard_type neverallow rule by Nick Kralevich · 10 years ago
  19. 596bcc7 Remove keystore auditallow statements from system. by Riley Spahn · 10 years ago
  20. 1196d2a Adding policies for KeyStore MAC. by Riley Spahn · 10 years ago
  21. 8c6552a Allow system_server to read all /proc files by Nick Kralevich · 10 years ago
  22. fee4915 Align SELinux property policy with init property_perms. by Stephen Smalley · 10 years ago
  23. 97a2cfd Allow Bluetooth app to initiate DHCP service on bt-pan interface. by Paul Jensen · 10 years ago
  24. 04e730b system_server: allow open /dev/snd and read files by Nick Kralevich · 10 years ago
  25. 00b180d Eliminate some duplicated rules. by Stephen Smalley · 10 years ago
  26. fad4d5f Fix SELinux policies to allow resource overlays. by Nick Kralevich · 10 years ago
  27. a76d9dd system_server profile access by Nick Kralevich · 10 years ago
  28. 96d9af4 allow system_server getattr on /data/dalvik-cache/profiles by Nick Kralevich · 10 years ago
  29. 8670305 Remove world-read access to /data/dalvik-cache/profiles by Nick Kralevich · 10 years ago
  30. f90c41f Add SELinux rules for service_manager. by Riley Spahn · 10 years ago
  31. 13d5886 system_server: Adds permission to system_server to write sysfs file by Ruchi Kandoi · 10 years ago
  32. 6bb672e Make the system_server domain enforcing. by Stephen Smalley · 11 years ago
  33. 2cc6d63 Allow system_server access to /data/media files passed via Binder. by Stephen Smalley · 10 years ago
  34. f85c1fc Allow installd, vold, system_server unlabeled access. by Stephen Smalley · 10 years ago
  35. 8599e34 Introduce wakelock_use() by Nick Kralevich · 10 years ago
  36. a16a59e Remove graphics_device access. by Stephen Smalley · 10 years ago
  37. 782e084 Allow system_server to read tombstones. by Stephen Smalley · 10 years ago
  38. 538edd3 Restrict system_server to only the data file types needed. by Stephen Smalley · 10 years ago
  39. 02dac03 Drop relabelto_domain() macro and its associated definitions. by Stephen Smalley · 10 years ago
  40. cd905ec Protect keystore's files. by Nick Kralevich · 10 years ago
  41. 53cde70 Report graphics_device accesses by system_server or mediaserver. by Stephen Smalley · 10 years ago
  42. 3f3d6ff Allow system_server pstore access. by Nick Kralevich · 10 years ago
  43. e06e536 Allow inputflinger to call system_server. by Stephen Smalley · 10 years ago
  44. 971b5d7 Allow system_server to set ctl.bugreport property. by Stephen Smalley · 10 years ago
  45. bafbf81 Allow system_server to read from log daemon. by Stephen Smalley · 10 years ago
  46. 6fe899a Silence /proc/pid denials. by Stephen Smalley · 10 years ago
  47. c181218 Deduplicate and rationalize system_server /proc/pid access. by Stephen Smalley · 10 years ago
  48. d9d9d2f temp fix for build breakage. by Nick Kralevich · 10 years ago
  49. d331e00 Do not allow system_server to access SDcard files. by Stephen Smalley · 10 years ago
  50. 3dad7b6 Address system_server denials. by Stephen Smalley · 10 years ago
  51. 28afdd9 Deduplicate binder_call rules. by Stephen Smalley · 10 years ago
  52. 63b98b1 restore system_server zygote socket rules by Nick Kralevich · 10 years ago
  53. 37afd3f Remove system_server and zygote unlabeled execute access. by Stephen Smalley · 10 years ago
  54. 0296b94 Move qemud and /dev/qemu policy bits to emulator-specific sepolicy. by Stephen Smalley · 10 years ago
  55. 2c347e0 Drop obsolete keystore_socket type and rules. by Stephen Smalley · 10 years ago
  56. 1601132 Clean up socket rules. by Stephen Smalley · 10 years ago
  57. 335faf2 Allow stat of /sys/module/lowmemorykiller files by system_server. by Stephen Smalley · 10 years ago
  58. 5467fce initial lmkd policy. by Nick Kralevich · 10 years ago
  59. 418e2ab Label /data/misc/wifi/sockets with wpa_socket. by Stephen Smalley · 10 years ago
  60. 8ed750e sepolicy: Add write_logd, read_logd & control_logd by Mark Salyzyn · 11 years ago
  61. 208deb3 Allow dumpstate to run am and shell. by Stephen Smalley · 10 years ago
  62. 623975f Support forcing permissive domains to unconfined. by Nick Kralevich · 10 years ago
  63. 959fdaa Remove unlabeled execute access from domain, add to appdomain. by Stephen Smalley · 10 years ago
  64. c50bf17 Address new system server denial. by Robert Craig · 10 years ago
  65. 37339c7 fix mediaserver selinux denials. by Nick Kralevich · 10 years ago
  66. e7ec2f5 Only allow PROT_EXEC for ashmem where required. by Stephen Smalley · 10 years ago
  67. 527316a Allow use of art as the Android runtime. by Stephen Smalley · 10 years ago
  68. 13e44ec allow system_server block_suspend by Nick Kralevich · 10 years ago
  69. c4d7c0d system_server.te: allow getopt/getattr on zygote socket by Nick Kralevich · 11 years ago
  70. 3ba9012 Move gpu_device type and rules to core policy. by Stephen Smalley · 11 years ago
  71. 2b392fc Move lmkd into it's own domain. by Nick Kralevich · 11 years ago
  72. a49ba92 Allow SELinuxPolicyInstallReceiver to work. by Stephen Smalley · 11 years ago
  73. af47ebb Label /dev/fscklogs and allow system_server access to it. by Stephen Smalley · 11 years ago
  74. 2a604ad Confine healthd, but leave it permissive for now. by Stephen Smalley · 11 years ago
  75. cd95e0a Allow system_server to set powerctl_prop by Nick Kralevich · 11 years ago
  76. dd1ec6d Give system_server / system_app ability to write some properties by Nick Kralevich · 11 years ago
  77. 1ff6441 Confine system_server, but leave it permissive for now. by Stephen Smalley · 11 years ago
  78. 353c72e Move unconfined domains out of permissive mode. by Nick Kralevich · 11 years ago
  79. ec7d39b Introduce controls on wake lock interface by William Roberts · 11 years ago
  80. 8d68831 Restrict access to /dev/hw_random to system_server and init. by Alex Klyubin · 11 years ago
  81. 45ba665 Label and allow access to /data/system/ndebugsocket. by Stephen Smalley · 11 years ago
  82. 4103b3f 2/2: Rename domain "system" to "system_server". by Alex Klyubin · 11 years ago
  83. 1fdee11 1/2: Rename domain "system" to "system_server". by Alex Klyubin · 11 years ago