PWN-Hunter/android_system_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Add getattr access on tmpfs_zygote files for webview_zygote."

Browse Source
This commit is contained in:
Nicolas Geoffray 2020-01-31 08:09:05 +00:00 committed by Gerrit Code Review
commit 89946d7e1b
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
private/webview_zygote.te
View File

@ -64,8 +64,8 @@ selinux_check_access(webview_zygote)
# Directory listing in /system. # Directory listing in /system.
allow webview_zygote system_file:dir r_dir_perms; allow webview_zygote system_file:dir r_dir_perms;
# Read system properties managed by zygote. # Read and inspect temporary files (like system properties) managed by zygote.
allow webview_zygote zygote_tmpfs:file read; allow webview_zygote zygote_tmpfs:file { read getattr };
# Child of zygote. # Child of zygote.
allow webview_zygote zygote:fd use; allow webview_zygote zygote:fd use;
allow webview_zygote zygote:process sigchld; allow webview_zygote zygote:process sigchld;