device/amlogic/common.git - Unnamed repository; edit this file 'description' to name the repository.

1 # Write to various pseudo file systems.
2 #allow untrusted_app block_device:dir { search getattr };
3 #
4 #allow untrusted_app imageserver_service:service_manager find;
5 #
6 #allow untrusted_app system_control_service:service_manager find;
7 #
8 #allow untrusted_app unlabeled:dir { search read write getattr };
9 #allow untrusted_app unlabeled:file { lock open read write getattr };
10 #
11 ## Read and write /data/data subdirectory.
12 #allow untrusted_app { system_app_data_file app_data_file }:dir { getattr read search };
13 #
14 #allow untrusted_app { system_app_data_file app_data_file }:file { getattr read write };
15 #
16 #allow untrusted_app subtitle_service:service_manager { find };
17 #allow untrusted_app unlabeled:filesystem getattr;
18 #allow untrusted_app proc_sysrq:file { read getattr };
19 #allow untrusted_app kernel:file { open read getattr };
20 #allow untrusted_app kernel:dir { search getattr };
21 #allow untrusted_app pppoe_wrapper:file { open read getattr };
22 #allow untrusted_app pppoe_wrapper:dir { search getattr };
23 #allow untrusted_app zygote:file { open read getattr };
24 #allow untrusted_app zygote:dir { search getattr };
25 #allow untrusted_app gatekeeperd:file { open read getattr };
26 #allow untrusted_app gatekeeperd:dir { search getattr };
27 #allow untrusted_app imageserver:file { open read getattr };
28 #allow untrusted_app imageserver:dir { search getattr };
29 #allow untrusted_app system_control:file { open read getattr };
30 #allow untrusted_app system_control:dir { search getattr };
31 #allow untrusted_app keystore:file { open read getattr };
32 #allow untrusted_app keystore:dir { search getattr };
33 #allow untrusted_app installd:file { open read getattr };
34 #allow untrusted_app installd:dir { search getattr };
35 #allow untrusted_app mediaserver:file { open read getattr };
36 #allow untrusted_app mediaserver:dir { search getattr };
37 #allow untrusted_app drmserver:file { open read getattr };
38 #allow untrusted_app drmserver:dir { search getattr };
39 #allow untrusted_app netd:file { open read getattr };
40 #allow untrusted_app netd:dir { search getattr };
41 #allow untrusted_app surfaceflinger:file { open read getattr };
42 #allow untrusted_app surfaceflinger:dir { search getattr };
43 #allow untrusted_app servicemanager:file { open read getattr };
44 #allow untrusted_app servicemanager:dir { search getattr };
45 #allow untrusted_app lmkd:file { open read getattr };
46 #allow untrusted_app lmkd:dir { search getattr };
47 #allow untrusted_app shell:file { open read getattr };
48 #allow untrusted_app shell:dir { search getattr };
49 #allow untrusted_app healthd:file { open read getattr };
50 #allow untrusted_app healthd:dir { search getattr };
51 #allow untrusted_app vold:file { open read getattr };
52 #allow untrusted_app vold:dir { search getattr };
53 #allow untrusted_app logd:file { open read getattr };
54 #allow untrusted_app logd:dir { search getattr };
55 #allow untrusted_app ueventd:file { open read getattr };
56 #allow untrusted_app ueventd:dir { search getattr };
57 #allow untrusted_app init:file { open read getattr };
58 #allow untrusted_app init:dir { search getattr };
59 #allow untrusted_app system_server:file { open read getattr };
60 #allow untrusted_app system_server:dir { search getattr };
61 #allow untrusted_app dhcp:file { open read getattr };
62 #allow untrusted_app dhcp:dir { search getattr };
63 #allow untrusted_app sdcardd:file { open read getattr };
64 #allow untrusted_app sdcardd:dir { search getattr };
65 #allow untrusted_app platform_app:file { open read getattr };
66 #allow untrusted_app platform_app:dir { search getattr };
67 #allow untrusted_app system_app:file { open read getattr };
68 #allow untrusted_app system_app:dir { search getattr };
69 #allow untrusted_app usbpm:file { open read getattr };
70 #allow untrusted_app usbpm:dir { search getattr };
71 #
72 #allow untrusted_app fuseblk:dir { search };
73 #allow untrusted_app fuseblk:file { read open };
74 #allow untrusted_app dex2oat:dir { getattr };
75 #allow untrusted_app storage_stub_file:dir { getattr };
76
77
78 allow untrusted_app vendor_file:file { getattr read open execute };
79 allow untrusted_app sysfs_zram:file { read open getattr };
80 allow untrusted_app sysfs_zram:dir { search };
81
1	# Write to various pseudo file systems.
2	#allow untrusted_app block_device:dir { search getattr };
3	#
4	#allow untrusted_app imageserver_service:service_manager find;
5	#
6	#allow untrusted_app system_control_service:service_manager find;
7	#
8	#allow untrusted_app unlabeled:dir { search read write getattr };
9	#allow untrusted_app unlabeled:file { lock open read write getattr };
10	#
11	## Read and write /data/data subdirectory.
12	#allow untrusted_app { system_app_data_file app_data_file }:dir { getattr read search };
13	#
14	#allow untrusted_app { system_app_data_file app_data_file }:file { getattr read write };
15	#
16	#allow untrusted_app subtitle_service:service_manager { find };
17	#allow untrusted_app unlabeled:filesystem getattr;
18	#allow untrusted_app proc_sysrq:file { read getattr };
19	#allow untrusted_app kernel:file { open read getattr };
20	#allow untrusted_app kernel:dir { search getattr };
21	#allow untrusted_app pppoe_wrapper:file { open read getattr };
22	#allow untrusted_app pppoe_wrapper:dir { search getattr };
23	#allow untrusted_app zygote:file { open read getattr };
24	#allow untrusted_app zygote:dir { search getattr };
25	#allow untrusted_app gatekeeperd:file { open read getattr };
26	#allow untrusted_app gatekeeperd:dir { search getattr };
27	#allow untrusted_app imageserver:file { open read getattr };
28	#allow untrusted_app imageserver:dir { search getattr };
29	#allow untrusted_app system_control:file { open read getattr };
30	#allow untrusted_app system_control:dir { search getattr };
31	#allow untrusted_app keystore:file { open read getattr };
32	#allow untrusted_app keystore:dir { search getattr };
33	#allow untrusted_app installd:file { open read getattr };
34	#allow untrusted_app installd:dir { search getattr };
35	#allow untrusted_app mediaserver:file { open read getattr };
36	#allow untrusted_app mediaserver:dir { search getattr };
37	#allow untrusted_app drmserver:file { open read getattr };
38	#allow untrusted_app drmserver:dir { search getattr };
39	#allow untrusted_app netd:file { open read getattr };
40	#allow untrusted_app netd:dir { search getattr };
41	#allow untrusted_app surfaceflinger:file { open read getattr };
42	#allow untrusted_app surfaceflinger:dir { search getattr };
43	#allow untrusted_app servicemanager:file { open read getattr };
44	#allow untrusted_app servicemanager:dir { search getattr };
45	#allow untrusted_app lmkd:file { open read getattr };
46	#allow untrusted_app lmkd:dir { search getattr };
47	#allow untrusted_app shell:file { open read getattr };
48	#allow untrusted_app shell:dir { search getattr };
49	#allow untrusted_app healthd:file { open read getattr };
50	#allow untrusted_app healthd:dir { search getattr };
51	#allow untrusted_app vold:file { open read getattr };
52	#allow untrusted_app vold:dir { search getattr };
53	#allow untrusted_app logd:file { open read getattr };
54	#allow untrusted_app logd:dir { search getattr };
55	#allow untrusted_app ueventd:file { open read getattr };
56	#allow untrusted_app ueventd:dir { search getattr };
57	#allow untrusted_app init:file { open read getattr };
58	#allow untrusted_app init:dir { search getattr };
59	#allow untrusted_app system_server:file { open read getattr };
60	#allow untrusted_app system_server:dir { search getattr };
61	#allow untrusted_app dhcp:file { open read getattr };
62	#allow untrusted_app dhcp:dir { search getattr };
63	#allow untrusted_app sdcardd:file { open read getattr };
64	#allow untrusted_app sdcardd:dir { search getattr };
65	#allow untrusted_app platform_app:file { open read getattr };
66	#allow untrusted_app platform_app:dir { search getattr };
67	#allow untrusted_app system_app:file { open read getattr };
68	#allow untrusted_app system_app:dir { search getattr };
69	#allow untrusted_app usbpm:file { open read getattr };
70	#allow untrusted_app usbpm:dir { search getattr };
71	#
72	#allow untrusted_app fuseblk:dir { search };
73	#allow untrusted_app fuseblk:file { read open };
74	#allow untrusted_app dex2oat:dir { getattr };
75	#allow untrusted_app storage_stub_file:dir { getattr };
76
77
78	allow untrusted_app vendor_file:file { getattr read open execute };
79	allow untrusted_app sysfs_zram:file { read open getattr };
80	allow untrusted_app sysfs_zram:dir { search };
81