priv_app: Remove rules for storaged
We added an auditallow for these permissions on 11/26/2019, and have not seen any recent logs for this in go/sedenials. No other priv-app should rely on this now that gmscore is running in its own domain. Bug: 142672293 Test: TH Change-Id: I2a59cac8041646b548ba1a73fcd5fddabb4d1429
This commit is contained in:
parent
0b099c801d
commit
d1a8f0dcb4
@ -122,18 +122,6 @@ userdebug_or_eng(`
|
||||
# access the mac address
|
||||
allowxperm priv_app self:udp_socket ioctl SIOCGIFHWADDR;
|
||||
|
||||
# Allow GMS core to communicate with dumpsys storaged.
|
||||
binder_call(priv_app, storaged)
|
||||
allow priv_app storaged_service:service_manager find;
|
||||
# b/142672293: No other priv-app should need this allow rule now that GMS core runs in its own domain.
|
||||
userdebug_or_eng(`
|
||||
auditallow priv_app storaged:binder { call transfer };
|
||||
auditallow storaged priv_app:binder transfer;
|
||||
auditallow priv_app storaged:fd use;
|
||||
auditallow priv_app storaged_service:service_manager find;
|
||||
')
|
||||
|
||||
|
||||
# Allow GMS core to access system_update_service (e.g. to publish pending
|
||||
# system update info).
|
||||
allow priv_app system_update_service:service_manager find;
|
||||
|
Loading…
Reference in New Issue
Block a user