Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 098593733170244d615e8868355c7cb85e834cf6
commit098593733170244d615e8868355c7cb85e834cf6[log] [tgz]
authorJeff Vander Stoep <jeffv@google.com>Mon Oct 12 08:28:56 2015 -0700
committerJeff Vander Stoep <jeffv@google.com>Mon Oct 12 11:06:27 2015 -0700
tree571efe3b247b7014f21ac6ae290ec5557251207e
parent1ca9f4812749a3eff0654e2ea7773e8b3704c1da [diff]
Pass privapp specifier for selinux labeling

Allow privileged apps to run in their own priv_app domain.

Motivation:
Untrusted_app is overprivileged due to the inclusion of privileged
apps like gmscore, play store and finsky. Moving these and other
privileged apps to their own domain reduces the permissions required
by untrusted_app.

A separate priv_app domain also protects priv-apps by further
isolating them from third party apps.

Bug: 22033466
Change-Id: I8e6ae5677c5a978301c453d0aa51ebed4459f5a0
1 file changed
tree: 571efe3b247b7014f21ac6ae290ec5557251207e
  1. api/
  2. cmds/
  3. core/
  4. data/
  5. docs/
  6. drm/
  7. graphics/
  8. include/
  9. keystore/
  10. libs/
  11. location/
  12. media/
  13. native/
  14. nfc-extras/
  15. obex/
  16. opengl/
  17. packages/
  18. rs/
  19. samples/
  20. sax/
  21. services/
  22. telecomm/
  23. telephony/
  24. test-runner/
  25. tests/
  26. tools/
  27. wifi/
  28. Android.mk
  29. CleanSpec.mk
  30. MODULE_LICENSE_APACHE2
  31. NOTICE
  32. preloaded-classes