Sepolicy: Fix comment on apexd:fd use

The file descriptors for /dev/zero are no longer open. However, a descriptor to the shell is still inherited. Update the comment. Bug: 126787589 Test: m Test: manual Change-Id: I0d4518d2ba771622ea969bbf02827db45788bc09
2019-03-11 11:01:11 -07:00 · 2019-03-11 11:01:11 -07:00 · 15e02450f1
commit 15e02450f1
parent 5a74473d1b
2 changed files with 2 additions and 2 deletions
--- a/private/art_apex_postinstall.te
+++ b/private/art_apex_postinstall.te
@ -4,7 +4,7 @@
 type art_apex_postinstall, domain, coredomain;
 type art_apex_postinstall_exec, system_file_type, exec_type, file_type;

-# /dev/zero
+# /system/bin/sh (see b/126787589).
 allow art_apex_postinstall apexd:fd use;

 # Read temp dirs and files. Move directories.
--- a/private/art_apex_preinstall.te
+++ b/private/art_apex_preinstall.te
@ -4,7 +4,7 @@
 type art_apex_preinstall, domain, coredomain;
 type art_apex_preinstall_exec, system_file_type, exec_type, file_type;

-# /dev/zero
+# /system/bin/sh (see b/126787589).
 allow art_apex_preinstall apexd:fd use;

 # Create temp dirs and files under /data/ota.