Piteball/android_device_asus_flo
1
0
Fork 0
mirror of https://github.com/followmsi/android_device_asus_flo.git synced 2024-09-21 02:58:05 +00:00
Code Issues Projects Releases Wiki Activity
android_device_asus_flo/sepolicy/rild.te
Jeff Vander Stoep 165b4ae091 Enforce ioctl command whitelisting on all sockets 
Remove the ioctl permission for most socket types. For others, such as
tcp/udp/rawip/unix_dgram/unix_stream set a default unprivileged whitelist
that individual domains may extend (except where neverallowed like
untrusted_app). Enforce via a neverallowxperm rule.

Change-Id: I7573fdb24f9c53ad169bce2aeab1baac8b2a11ea
2017-09-20 20:56:43 +00:00

7 lines
197 B
Plaintext
Raw Blame History

qmux_socket(rild)
# whitelist qualcomm specific ioctls
allow rild self:socket ioctl;
allowxperm rild self:socket ioctl msm_sock_ipc_ioctls;
allowxperm rild self:udp_socket ioctl priv_sock_ioctls;
Reference in a new issue View git blame Copy permalink