replicant-vendor_replicant/sepolicy
Ricardo Cerqueira 4df29e013d selinux: Workaround for devices with PR_SET_NO_NEW_PRIVS enforcement
PR_SET_NO_NEW_PRIVS blocks domain transitions from within app_process,
unless the new domain is bounded by the app's context. So we can't
switch to a domain that has perms not available to untrusted_app :(

This means any app can talk to the daemon, bypassing the su executable
client. That's not a good thing, and needs to be resolved.

Change-Id: I85b74f90b8737caaa193a0555b5262e7392519b2
2014-12-10 20:38:34 +00:00
..
adbd.te sepolicy: Fix permissions for service.adb.tcp.port 2014-12-01 20:36:13 +00:00
auditd.te selinux: Add rules for the audit daemon 2014-11-09 17:20:54 +00:00
file_contexts cm: sepolicy: Add contexts for cm recovery 2014-11-27 23:05:26 +00:00
file.te selinux: Add rules for the audit daemon 2014-11-09 17:20:54 +00:00
genfs_contexts sepolicy: treat fuseblk as sdcard_external 2013-11-13 09:37:42 +07:00
healthd.te selinux: Fix healthd's access to /dev nodes 2014-11-27 22:57:21 +00:00
hostapd.te vendor: add policies for netd 2014-11-29 23:33:52 -08:00
installd.te sepolicy: allow installd to query ASEC size 2013-11-13 22:35:17 +07:00
mac_permissions.xml
netd.te vendor: add policies for netd 2014-11-29 23:33:52 -08:00
property_contexts sepolicy: More rules for recovery 2014-12-09 22:20:14 +00:00
property.te sepolicy: More rules for recovery 2014-12-09 22:20:14 +00:00
recovery.te sepolicy: More rules for recovery 2014-12-09 22:20:14 +00:00
seapp_contexts selinux: Add missing seapp_contexts file 2013-11-06 11:39:24 +00:00
sepolicy.mk sepolicy: Fix permissions for service.adb.tcp.port 2014-12-01 20:36:13 +00:00
service_contexts [1/2] SEPolicy: Add Edgegesture service. 2014-11-19 10:04:18 +02:00
shell.te Allow SystemServer to set service.adb.tcp.* properties 2014-11-29 09:01:56 -08:00
su.te selinux: Workaround for devices with PR_SET_NO_NEW_PRIVS enforcement 2014-12-10 20:38:34 +00:00
sysinit.te vendor: Update SELinux policy for sysinit 2014-11-24 15:37:52 +01:00
system.te vendor: add policies for netd 2014-11-29 23:33:52 -08:00
ueventd.te cm: sepolicy: Allow ueventd to load WiFi and audio irmware 2014-04-05 14:56:09 -07:00
vold.te cm: sepolicy: Add contexts for cm recovery 2014-11-27 23:05:26 +00:00