| # app_zygote is an auxiliary zygote process that is used to spawn | |
| # isolated service processes for individual applications. It is | |
| # spawned from the regular zygote process as a "child zygote". | |
| type app_zygote, domain; | |
| type app_zygote_tmpfs, file_type; | |
| # system/sepolicy/public is for vendor-facing type and attribute definitions. | |
| # DO NOT ADD allow, neverallow, or dontaudit statements here. | |
| # Instead, add such policy rules to system/sepolicy/private/*.te. |