PWN-Hunter/android_system_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Modified SEPolicy rules
87 Commits 17 Branches 0 Tags 41 MiB
Go 32.7%
Python 30.1%
C 24.3%
Makefile 7.5%
Shell 2.7%
Other 2.7%
ae23a1f36a
Go to file
William Roberts ae23a1f36a Corrected gramatical issues 
Change-Id: I62ce62475f4a17d278243cc96db773872b2dc89c
2012-09-05 12:53:52 -07:00
check_seapp Corrected gramatical issues 2012-09-05 12:53:52 -07:00
access_vectors Define wake_alarm and block_suspect capabilities. 2012-08-10 09:23:21 -04:00
adbd.te Allow adbd to access the qemu device and label /dev/eac correctly. 2012-04-03 15:30:28 -04:00
Android.mk Changed seapp_contexts temporary file naming 2012-09-05 11:23:19 -07:00
app.te Additions for grouper/JB 2012-08-10 06:25:52 -04:00
attributes Only enforce per-app process and file isolation via SELinux for third party apps, not platform apps. 2012-07-27 11:07:09 -04:00
bluetooth.te SE Android policy. 2012-01-04 12:33:27 -05:00
bluetoothd.te SE Android policy. 2012-01-04 12:33:27 -05:00
cts.te read permission over lnk_file to devices when android_cts enabled 2012-07-30 16:02:36 -04:00
dbusd.te SE Android policy. 2012-01-04 12:33:27 -05:00
debuggerd.te Additions for grouper/JB 2012-08-10 06:25:52 -04:00
device.te Target the denials/policies over qtaguid file and device: 1. Relabel /proc/net/xt_qtaguid/ctrl from "qtaguid" to "qtaguid_proc"; 2. Label /dev/xt_qtaguid with "qtaguid_device"; 3. Allow mediaserver read/[write] to qtaguid_proc and qtaguid_device; 4. Allow media apps read/[write] to qtaguid_proc and qtaguid_device; 5. Allow system read/[write] to qtaguid_proc and qtaguid_device. 2012-07-19 16:11:24 -04:00
dhcp.te dhcp policy. 2012-08-15 06:25:14 -04:00
domain.te Allow debugfs access and setsched for mediaserver. 2012-08-09 08:36:10 -04:00
drmserver.te Trusted Execution Environment policy. 2012-08-13 06:09:39 -04:00
file_contexts Add tf_daemon labeling support. 2012-08-24 08:23:20 -04:00
file.te New asec container labeling. 2012-07-30 14:20:40 -04:00
fs_use Support for ocontexts per device. 2012-07-12 10:02:45 -04:00
genfs_contexts Target the denials/policies over qtaguid file and device: 1. Relabel /proc/net/xt_qtaguid/ctrl from "qtaguid" to "qtaguid_proc"; 2. Label /dev/xt_qtaguid with "qtaguid_device"; 3. Allow mediaserver read/[write] to qtaguid_proc and qtaguid_device; 4. Allow media apps read/[write] to qtaguid_proc and qtaguid_device; 5. Allow system read/[write] to qtaguid_proc and qtaguid_device. 2012-07-19 16:11:24 -04:00
global_macros Add key_socket class to socket_class_set macro. Allow system to trigger module auto-loading and to write to sockets created under /dev. 2012-06-28 14:28:24 -04:00
gpsd.te Trusted Execution Environment policy. 2012-08-13 06:09:39 -04:00
hci_attach.te Policy for hci_attach service. 2012-05-31 09:40:12 -04:00
init.te SE Android policy. 2012-01-04 12:33:27 -05:00
initial_sid_contexts Restore devnull initial sid context. 2012-07-12 10:14:38 -04:00
initial_sids SE Android policy. 2012-01-04 12:33:27 -05:00
installd.te installd unlink platform_app_data_file 2012-07-27 16:16:39 -04:00
kernel.te SE Android policy. 2012-01-04 12:33:27 -05:00
keystore.te Trusted Execution Environment policy. 2012-08-13 06:09:39 -04:00
mac_permissions.xml Add mac_permissions.xml file. 2012-07-30 09:33:03 -04:00
mediaserver.te Trusted Execution Environment policy. 2012-08-13 06:09:39 -04:00
mls Rewrite MLS constraints to only constrain open for app_data_file, not read/write. 2012-03-19 10:32:24 -04:00
mls_macros SE Android policy. 2012-01-04 12:33:27 -05:00
mtp.te Add ppp/mtp policy. 2012-08-20 06:19:36 -04:00
net.te SE Android policy. 2012-01-04 12:33:27 -05:00
netd.te Further policy for Motorola Xoom. 2012-01-06 10:25:53 -05:00
nfc.te Remove all denials caused by rild on tuna devices. 2012-06-07 11:52:51 -04:00
NOTICE Public domain notice 2012-06-19 07:29:55 -04:00
policy_capabilities SE Android policy. 2012-01-04 12:33:27 -05:00
port_contexts Support for ocontexts per device. 2012-07-12 10:02:45 -04:00
ppp.te Add ppp/mtp policy. 2012-08-20 06:19:36 -04:00
property_contexts Add persist.mac_enforcing_mode context 2012-06-28 10:51:25 -04:00
property.te Add policy for property service. 2012-04-04 10:11:16 -04:00
qemud.te SE Android policy. 2012-01-04 12:33:27 -05:00
radio.te Add policy for property service. 2012-04-04 10:11:16 -04:00
rild.te Corrected denials for LocationManager when accessing gps over uart. 2012-07-12 09:27:40 -04:00
roles Add explicit role declaration for newer checkpolicy versions. 2012-01-12 09:58:37 -05:00
sdcardd.te Address various denials introduced by JB/4.1. 2012-07-12 13:26:15 -04:00
seapp_contexts seinfo can be used to select types, and sebool is now supported. 2012-07-27 17:08:21 -04:00
security_classes Add policy for property service. 2012-04-04 10:11:16 -04:00
selinux-network.sh Add selinux network script to policy 2012-06-21 09:19:43 -04:00
servicemanager.te SE Android policy. 2012-01-04 12:33:27 -05:00
shell.te Add policy for property service. 2012-04-04 10:11:16 -04:00
su.te SE Android policy. 2012-01-04 12:33:27 -05:00
surfaceflinger.te Address various denials introduced by JB/4.1. 2012-07-12 13:26:15 -04:00
system.te Add ppp/mtp policy. 2012-08-20 06:19:36 -04:00
te_macros Only enforce per-app process and file isolation via SELinux for third party apps, not platform apps. 2012-07-27 11:07:09 -04:00
tee.te Trusted Execution Environment policy. 2012-08-13 06:09:39 -04:00
ueventd.te Remove all denials caused by rild on tuna devices. 2012-06-07 11:52:51 -04:00
unconfined.te Add policy for property service. 2012-04-04 10:11:16 -04:00
users SE Android policy. 2012-01-04 12:33:27 -05:00
vold.te Address various denials introduced by JB/4.1. 2012-07-12 13:26:15 -04:00
wpa_supplicant.te Additions for grouper/JB 2012-08-10 06:25:52 -04:00
zygote.te SE Android policy. 2012-01-04 12:33:27 -05:00