blob: 1235cd28b0d456ae4693d14a785c7d5d1fc4b9e4
1 | # TODO: Add rules to allow update_verifier to read system_block_device. |
2 | allow update_verifier system_block_device:blk_file r_file_perms; |
3 | allow update_verifier rootfs:file { getattr read open }; |
4 | allow update_verifier proc:file { read open getattr }; |
5 | #allow update_verifier misc_block_device:blk_file rw_file_perms; |
6 |