ensure that untrusted_app can't set properties
Bug: 10243159 Change-Id: I9409fe8898c446a33515f1bee2990f36a2e11535
This commit is contained in:
parent
5d60f04e5d
commit
99d86c7a77
@ -76,3 +76,9 @@ neverallow untrusted_app debugfs:file read;
|
||||
# Only trusted components of Android should be registering
|
||||
# services.
|
||||
neverallow untrusted_app service_manager_type:service_manager add;
|
||||
|
||||
# Don't allow untrusted_apps to connect to the property service
|
||||
# or set properties. b/10243159
|
||||
neverallow untrusted_app property_socket:sock_file write;
|
||||
neverallow untrusted_app init:unix_stream_socket connectto;
|
||||
neverallow untrusted_app property_type:property_service set;
|
||||
|
Loading…
Reference in New Issue
Block a user