| commit | 0889dfde7f01a8632f571adf268f4a8c04a11e23 | [log] [tgz] |
|---|---|---|
| author | Nick Kralevich <nnk@google.com> | Mon Aug 24 12:42:46 2015 -0700 |
| committer | Nick Kralevich <nnk@google.com> | Mon Aug 24 12:42:46 2015 -0700 |
| tree | b05c4a0c53a1a48f4d1400282a44716d29972082 | |
| parent | 1cc46dbf85c47c566c8591eecfbf3c77e6146c6f [diff] |
occam: fix build /data/local/tmp access was neverallowed in https://android-review.googlesource.com/168051 Remove the allow rules for surfaceflinger. Change-Id: Ic4fb3a646df158baa5a56de72ffc63fe9405531a
diff --git a/sepolicy/surfaceflinger.te b/sepolicy/surfaceflinger.te index 2fd3955..aca5928 100644 --- a/sepolicy/surfaceflinger.te +++ b/sepolicy/surfaceflinger.te
@@ -1,6 +1 @@ allow surfaceflinger sysfs:file rw_file_perms; - -# Read from /data/local/tmp -allow surfaceflinger shell_data_file:dir search; -allow surfaceflinger shell_data_file:file { open getattr read }; -allow surfaceflinger shell_data_file:lnk_file read;