mirror of
https://github.com/Evolution-X-Devices/device_google_wahoo
synced 2026-02-01 07:50:47 +00:00
sepolicy: domain: remove world access to /dev/diag
This driver is not safe for general use, particularly for third party apps, even on debug builds. Adding OWNERS file in a subsequent commit to prevent security violations like this from getting checked in. Test: build Change-Id: I245244e924ae247b6fbd48aa033bb71cca6067de
This commit is contained in:
Jeff Vander Stoep
4
sepolicy/vendor/domain.te
vendored
4
sepolicy/vendor/domain.te
vendored
@@ -1,7 +1,3 @@
|
||||
userdebug_or_eng(`
|
||||
allow domain diag_device:chr_file rw_file_perms;
|
||||
')
|
||||
|
||||
# In order for /sys/kernel/debug/kgsl/proc/<pid>/mem
|
||||
# to be created for memory tracking, the domain of
|
||||
# the tracked process must have permission to search
|
||||
|
||||
Reference in New Issue
Block a user