diff --git a/public/mediatranscoding.te b/public/mediatranscoding.te
index 85c4a6cfe..2e539dfb3 100644
--- a/public/mediatranscoding.te
+++ b/public/mediatranscoding.te
@@ -12,6 +12,11 @@ allow mediatranscoding system_server:fd use;
 allow mediatranscoding activity_service:service_manager find;
 allow mediatranscoding untrusted_app:binder call;
 
+# allow mediatranscoding service read/write permissions for file sources
+allow mediatranscoding sdcardfs:file { getattr read write };
+allow mediatranscoding media_rw_data_file:file { getattr read write };
+allow mediatranscoding apk_data_file:file { getattr read };
+
 # mediatranscoding should never execute any executable without a
 # domain transition
 neverallow mediatranscoding { file_type fs_type }:file execute_no_trans;