summaryrefslogtreecommitdiff
path: root/prebuilts/api/32.0/private/mlstrustedsubject.te
diff options
context:
space:
mode:
Diffstat (limited to 'prebuilts/api/32.0/private/mlstrustedsubject.te')
-rw-r--r--prebuilts/api/32.0/private/mlstrustedsubject.te30
1 files changed, 30 insertions, 0 deletions
diff --git a/prebuilts/api/32.0/private/mlstrustedsubject.te b/prebuilts/api/32.0/private/mlstrustedsubject.te
new file mode 100644
index 000000000..22482d9b7
--- /dev/null
+++ b/prebuilts/api/32.0/private/mlstrustedsubject.te
@@ -0,0 +1,30 @@
+# MLS override can't be used to access private app data.
+
+# Apps should not normally be mlstrustedsubject, but if they must be
+# they cannot use this to access app private data files; their own app
+# data files must use a different label.
+
+neverallow {
+ mlstrustedsubject
+ -installd
+ -iorap_prefetcherd
+ -iorap_inode2filename
+} { app_data_file privapp_data_file }:file ~{ read write map getattr ioctl lock append };
+
+neverallow {
+ mlstrustedsubject
+ -installd
+ -iorap_prefetcherd
+ -iorap_inode2filename
+} { app_data_file privapp_data_file }:dir ~{ read getattr search };
+
+neverallow {
+ mlstrustedsubject
+ -installd
+ -iorap_prefetcherd
+ -iorap_inode2filename
+ -system_server
+ -adbd
+ -runas
+ -zygote
+} { app_data_file privapp_data_file }:dir { read getattr search };
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-03 06:29:34 +0000