commit | 8e68ded243988a0feeca20e8e2f8dbff280a9185 | [log] [tgz] |
---|---|---|
author | Jeff Vander Stoep <jeffv@google.com> | Tue Apr 26 11:29:14 2016 -0700 |
committer | The Android Automerger <android-build@google.com> | Fri May 27 10:27:27 2016 -0700 |
tree | a754574a8f3a79e925cbf14673e314ba9f32f3e0 | |
parent | 9bb43a76e992c9c66f10858696f6b74ebc16c77a [diff] |
Further restrict socket ioctls available to apps Restrict unix_dgram_socket and unix_stream_socket to a whitelist for all domains. Remove ioctl permission for netlink_selinux_socket and netlink_route_socket for netdomain. Bug: 28171804 Bug: 27424603 Change-Id: I650639115b8179964ae690a39e4766ead0032d2e