Remove obsolete warning from restorecon_recursive documentation.
We originally included a warning to not invoke restorecon_recursive
with a path leading to a shell-writable or app-writable directory
due to concerns about the potential for mischief with symlinks during
the restorecon_recursive. However, this warning was never necessary for
calling restorecon_recursive during system initialization before an adb
shell or app can run, and we have further prohibited init from
reading/following symlinks that can be created by shell or apps in
policy, so this warning is superfluous. It also contradicts current
usage of restorecon_recursive in rootdir/init.rc, since it is called
there on /data.
Change-Id: I28a635e0b5991ced8adcef93e7a04f9d9e5634fd
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
diff --git a/init/readme.txt b/init/readme.txt
index decea9a..750d953 100644
--- a/init/readme.txt
+++ b/init/readme.txt
@@ -202,8 +202,6 @@
restorecon_recursive <path> [ <path> ]*
Recursively restore the directory tree named by <path> to the
security contexts specified in the file_contexts configuration.
- Do NOT use this with paths leading to shell-writable or app-writable
- directories, e.g. /data/local/tmp, /data/data or any prefix thereof.
setcon <securitycontext>
Set the current process security context to the specified string.