Allow shell and adbd access to media_rw_data_file for now.
With sdcardfs, we no longer have a separate sdcardd acting as an intermediate between the outside world and /data/media. Unless we modify sdcardfs to change contexts, we need these. Remove this patch if sdcardfs is updated to change the secontext of fs accesses. Bug: 27925072 Change-Id: I3ad37c0f12836249c83042bdc1111b6360f22b3c
This commit is contained in:
parent
f19fb0c973
commit
bb90999e9a
4
adbd.te
4
adbd.te
@ -100,3 +100,7 @@ allow adbd storage_file:dir r_dir_perms;
|
||||
allow adbd storage_file:lnk_file r_file_perms;
|
||||
allow adbd mnt_user_file:dir r_dir_perms;
|
||||
allow adbd mnt_user_file:lnk_file r_file_perms;
|
||||
|
||||
# Access to /data/media.
|
||||
allow adbd media_rw_data_file:dir create_dir_perms;
|
||||
allow adbd media_rw_data_file:file create_file_perms;
|
||||
|
4
shell.te
4
shell.te
@ -122,6 +122,10 @@ allow shell sysfs:dir r_dir_perms;
|
||||
# Allow access to ion memory allocation device.
|
||||
allow shell ion_device:chr_file rw_file_perms;
|
||||
|
||||
# Access to /data/media.
|
||||
allow shell media_rw_data_file:dir create_dir_perms;
|
||||
allow shell media_rw_data_file:file create_file_perms;
|
||||
|
||||
###
|
||||
### Neverallow rules
|
||||
###
|
||||
|
Loading…
Reference in New Issue
Block a user