2018-07-09 11:16:22 -04:00
|
|
|
type init_fingerprint, domain;
|
|
|
|
|
type init_fingerprint_exec, exec_type, vendor_file_type, file_type;
|
2018-07-09 11:16:22 -04:00
|
|
|
typeattribute init_fingerprint data_between_core_and_vendor_violators;
|
2018-07-09 11:16:22 -04:00
|
|
|
|
|
|
|
|
# Allow for transition from init domain to init_fingerprint
|
|
|
|
|
init_daemon_domain(init_fingerprint)
|
|
|
|
|
|
|
|
|
|
# Shell script needs to execute /vendor/bin/sh
|
|
|
|
|
allow init_fingerprint vendor_shell_exec:file rx_file_perms;
|
|
|
|
|
allow init_fingerprint vendor_toolbox_exec:file rx_file_perms;
|
|
|
|
|
|
|
|
|
|
# Allow to delete file
|
2018-12-31 13:56:20 -05:00
|
|
|
allow init_fingerprint mnt_vendor_file:dir search;
|
2018-07-09 11:16:22 -04:00
|
|
|
allow init_fingerprint persist_drm_file:dir { read search open write remove_name };
|
2018-07-09 11:16:22 -04:00
|
|
|
allow init_fingerprint persist_drm_file:file { getattr unlink };
|
|
|
|
|
allow init_fingerprint system_data_file:file r_file_perms;
|
