Don't open appfuse files in apps.

Previously we published appfuse mount points to apps and apps open appfuse file by themselves. We changed the design and we don't allow apps to access appfuse mount point. Instead system server opens a file on appfuse mount points and passes FD to apps. The change updates apps and system server policies to adopt new design. Bug: 29970149 Test: None Change-Id: I0b35fee9816f61565705eecb88a472754ccffdca
2016-12-05 10:49:35 +09:00 · 2016-12-05 10:49:35 +09:00 · 7ae1d23745
commit 7ae1d23745
parent 828433c892
2 changed files with 3 additions and 2 deletions
--- a/public/app.te
+++ b/public/app.te
@ -252,8 +252,7 @@ allow { appdomain -isolated_app } hal_graphics_allocator:fd use;
 allow appdomain proc_meminfo:file r_file_perms;

 # For app fuse.
-allow appdomain app_fuse_file:dir rw_dir_perms;
-allow appdomain app_fuse_file:file rw_file_perms;
+allow appdomain app_fuse_file:file { getattr read append write };

 ###
 ### CTS-specific rules
--- a/public/system_server.te
+++ b/public/system_server.te
@ -559,6 +559,8 @@ userdebug_or_eng(`
 # For AppFuse.
 allow system_server vold:fd use;
 allow system_server fuse_device:chr_file { read write ioctl getattr };
+allow system_server app_fuse_file:dir rw_dir_perms;
+allow system_server app_fuse_file:file { read write open getattr append };

 # For configuring sdcardfs
 allow system_server configfs:dir { create_dir_perms };