commit | c3199dc0cdc1a658fce75d11694c21fd990948a9 | [log] [tgz] |
---|---|---|
author | Maciej Żenczykowski <maze@google.com> | Fri Jan 24 05:24:06 2020 -0800 |
committer | Maciej Żenczykowski <maze@google.com> | Fri Jan 24 05:25:25 2020 -0800 |
tree | c30aed3c33762c13414ebd920a1bf6f6b1730cfe | |
parent | 36c8f501aaf82b9a3c45e4b5d46bfd9e7531c982 [diff] |
netd does not require and should not have SYS_ADMIN nor module loading privs Any required functionally should be built into the kernel. Test: NA Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: Ide42a95a36707a2fec3b641cbdcacfbc44a16d3d
diff --git a/sepolicy/netd.te b/sepolicy/netd.te deleted file mode 100644 index a4af5c0..0000000 --- a/sepolicy/netd.te +++ /dev/null
@@ -1,2 +0,0 @@ -allow netd kernel:system { module_request }; -allow netd self:capability { sys_admin sys_module };