Temporarily add auditing of execmod by apps.
This is so we can get data on which apps are actually doing this. Bug: 111544476 Test: Device boots. No audits seen on test device. Change-Id: I5f72200ed8606775904d353c4d3d790373fe7dea
This commit is contained in:
parent
13e60ed1fa
commit
708aa90dd2
@ -151,6 +151,10 @@ userdebug_or_eng(`
|
||||
}:{ dir file lnk_file } { getattr open read };
|
||||
')
|
||||
|
||||
# Temporary auditing to get data on what apps use execmod.
|
||||
# TODO(b/111544476) Remove this and deny the permission if feasible.
|
||||
auditallow untrusted_app_all { apk_data_file app_data_file asec_public_file }:file execmod;
|
||||
|
||||
# Attempts to write to system_data_file is generally a sign
|
||||
# that apps are attempting to access encrypted storage before
|
||||
# the ACTION_USER_UNLOCKED intent is delivered. Suppress this
|
||||
|
Loading…
Reference in New Issue
Block a user