mirror of
https://github.com/followmsi/android_device_asus_flo.git
synced 2024-09-21 02:58:05 +00:00
165b4ae091
Remove the ioctl permission for most socket types. For others, such as tcp/udp/rawip/unix_dgram/unix_stream set a default unprivileged whitelist that individual domains may extend (except where neverallowed like untrusted_app). Enforce via a neverallowxperm rule. Change-Id: I7573fdb24f9c53ad169bce2aeab1baac8b2a11ea
7 lines
197 B
Plaintext
7 lines
197 B
Plaintext
qmux_socket(rild)
|
|
|
|
# whitelist qualcomm specific ioctls
|
|
allow rild self:socket ioctl;
|
|
allowxperm rild self:socket ioctl msm_sock_ipc_ioctls;
|
|
allowxperm rild self:udp_socket ioctl priv_sock_ioctls;
|