Switch to r_file_perms
The current rule is missing mmap. r_file_perm implicitly adds mmap, so we should just use that instead. Test: policy compiles. Change-Id: I4051d1eb4c36a2b6ff2b5f26ce53355287cbe2b4
This commit is contained in:
parent
3eae9de2e8
commit
0bfa7b5385
@ -108,7 +108,7 @@ allow untrusted_app_all preloads_data_file:dir search;
|
||||
# TODO (b/37784178) Consider creating a special type for /vendor/app installed
|
||||
# apps.
|
||||
allow untrusted_app_all vendor_app_file:dir { open getattr read search };
|
||||
allow untrusted_app_all vendor_app_file:file { open getattr read execute };
|
||||
allow untrusted_app_all vendor_app_file:file { r_file_perms execute };
|
||||
allow untrusted_app_all vendor_app_file:lnk_file { open getattr read };
|
||||
|
||||
# Write app-specific trace data to the Perfetto traced damon. This requires
|
||||
|
Loading…
Reference in New Issue
Block a user