system_server: read symlinks in /cache
type=1400 audit(0.0:6): avc: denied { read } for comm="Thread-5" name="cache" dev="dm-0" ino=13 scontext=u:r:system_server:s0 tcontext=u:object_r:cache_file:s0 tclass=lnk_file permissive=0 Bug: 64067152 Test: build Change-Id: Ie90c0343a834aa87b7ded41f503e05d9b63b3244
This commit is contained in:
parent
21b4a92590
commit
a4cada7439
@ -455,6 +455,7 @@ set_prop(system_server, firstboot_prop)
|
||||
allow system_server system_ndebug_socket:sock_file create_file_perms;
|
||||
|
||||
# Manage cache files.
|
||||
allow system_server cache_file:lnk_file r_file_perms;
|
||||
allow system_server { cache_file cache_recovery_file }:dir { relabelfrom create_dir_perms };
|
||||
allow system_server { cache_file cache_recovery_file }:file { relabelfrom create_file_perms };
|
||||
allow system_server { cache_file cache_recovery_file }:fifo_file create_file_perms;
|
||||
|
Loading…
Reference in New Issue
Block a user