commit | daa2c25b87657f40477e46e32bbbf291b3a45541 | [log] [tgz] |
---|---|---|
author | Jeff Vander Stoep <jeffv@google.com> | Tue Apr 26 11:29:14 2016 -0700 |
committer | The Android Automerger <android-build@google.com> | Fri May 27 11:07:55 2016 -0700 |
tree | efd3c67621ca84d3b8e6a00b1490afcdec95c63e | |
parent | d76ccadb97b94277c65a9f1660ae763bce250132 [diff] |
Further restrict socket ioctls available to apps Restrict unix_dgram_socket and unix_stream_socket to a whitelist for all domains. Remove ioctl permission for netlink_selinux_socket and netlink_route_socket for netdomain. Bug: 28171804 Bug: 27424603 Change-Id: I650639115b8179964ae690a39e4766ead0032d2e