Do not allow new additions to core_property_type
core_property_type is an attribute which was given to all existing properties known to core SELinux policy. Any property with this label is readable to all SELinux domains, which is overly broad. The long term goal is to remove the core_property_type attribute entirely. Add a neverallow rule prohibiting the introduction of new properties with the core_property_type attribute. Device specific properties, or new properties in core SELinux policy, should not have this attribute. Test: policy compiles Change-Id: Ie89a9f0d81c8561616001ff8451496ce2278dbb2
This commit is contained in:
parent
a95c52e347
commit
d310df20bd
@ -43,3 +43,42 @@ type wifi_log_prop, property_type, log_property_type;
|
||||
type wifi_prop, property_type;
|
||||
|
||||
allow property_type tmpfs:filesystem associate;
|
||||
|
||||
###
|
||||
### Neverallow rules
|
||||
###
|
||||
|
||||
# core_property_type should not be used for new properties or
|
||||
# device specific properties. Properties with this attribute
|
||||
# are readable to everyone, which is overly broad and should
|
||||
# be avoided.
|
||||
# New properties should have appropriate read / write access
|
||||
# control rules written.
|
||||
|
||||
neverallow * {
|
||||
core_property_type
|
||||
-audio_prop
|
||||
-bluetooth_prop
|
||||
-config_prop
|
||||
-cppreopt_prop
|
||||
-dalvik_prop
|
||||
-debuggerd_prop
|
||||
-debug_prop
|
||||
-default_prop
|
||||
-dhcp_prop
|
||||
-dumpstate_prop
|
||||
-ffs_prop
|
||||
-fingerprint_prop
|
||||
-logd_prop
|
||||
-net_radio_prop
|
||||
-nfc_prop
|
||||
-pan_result_prop
|
||||
-persist_debug_prop
|
||||
-powerctl_prop
|
||||
-radio_prop
|
||||
-restorecon_prop
|
||||
-shell_prop
|
||||
-system_prop
|
||||
-system_radio_prop
|
||||
-vold_prop
|
||||
}:file no_rw_file_perms;
|
||||
|
Loading…
Reference in New Issue
Block a user