Searched refs:untrusted (Results 1 – 25 of 83) sorted by relevance
1234
| /system/sepolicy/prebuilts/api/28.0/private/ |
| D | app_neverallows.te | 2 ### neverallow rules for untrusted app domains
25 # Do not allow untrusted apps to register services.
30 # Do not allow untrusted apps to use VendorBinder
34 # Do not allow untrusted apps to connect to the property service
41 # but otherwise disallow untrusted apps from reading this property.
44 # Do not allow untrusted apps to be assigned mlstrustedsubject.
51 # and an untrusted app is allowed fork permission to itself.
54 # Do not allow untrusted apps to hard link to any files.
55 # In particular, if an untrusted app links to other app data
58 # bugs, so we want to ensure untrusted apps never have this
[all …]
|
| D | untrusted_app_27.te | 4 ### This file defines the rules for untrusted apps running with
7 ### This file defines the rules for untrusted apps.
|
| D | untrusted_app_all.te | 4 ### This file defines the rules shared by all untrusted app domains except
21 ### Note that rules that should apply to all untrusted apps must be in app.te or also
44 # Allow traceur to pass file descriptors through a content provider to untrusted apps
48 # untrusted apps should not be able to open trace data files, they should depend
110 # Allow untrusted apps read / execute access to /vendor/app for there can
124 # allow untrusted apps to use UDP sockets provided by the system server but not
|
| /system/sepolicy/prebuilts/api/27.0/private/ |
| D | app_neverallows.te | 2 ### neverallow rules for untrusted app domains
24 # Do not allow untrusted apps to register services.
29 # Do not allow untrusted apps to use VendorBinder
33 # Do not allow untrusted apps to connect to the property service
39 # Do not allow untrusted apps to be assigned mlstrustedsubject.
46 # and an untrusted app is allowed fork permission to itself.
49 # Do not allow untrusted apps to hard link to any files.
50 # In particular, if an untrusted app links to other app data
53 # bugs, so we want to ensure untrusted apps never have this
57 # Do not allow untrusted apps to access network MAC address file
[all …]
|
| D | untrusted_app.te | 4 ### This file defines the rules for untrusted apps.
27 # allow untrusted apps to use UDP sockets provided by the system server but not
|
| /system/sepolicy/prebuilts/api/26.0/private/ |
| D | app_neverallows.te | 2 ### neverallow rules for untrusted app domains
19 # Do not allow untrusted apps to register services.
24 # Do not allow untrusted apps to use VendorBinder
28 # Do not allow untrusted apps to connect to the property service
34 # Do not allow untrusted apps to be assigned mlstrustedsubject.
41 # and an untrusted app is allowed fork permission to itself.
44 # Do not allow untrusted apps to hard link to any files.
45 # In particular, if an untrusted app links to other app data
48 # bugs, so we want to ensure untrusted apps never have this
52 # Do not allow untrusted apps to access network MAC address file
[all …]
|
| D | vold.te | 11 # domain when working with untrusted block devices
|
| /system/sepolicy/private/ |
| D | app_neverallows.te | 2 ### neverallow rules for untrusted app domains
25 # Do not allow untrusted apps to register services.
30 # Do not allow untrusted apps to use VendorBinder
34 # Do not allow untrusted apps to connect to the property service
41 # but otherwise disallow untrusted apps from reading this property.
61 # Do not allow untrusted apps to invoke dex2oat. This was historically required
70 # Do not allow untrusted apps to be assigned mlstrustedsubject.
77 # and an untrusted app is allowed fork permission to itself.
80 # Do not allow untrusted apps to hard link to any files.
81 # In particular, if an untrusted app links to other app data
[all …]
|
| D | untrusted_app_all.te | 4 ### This file defines the rules shared by all untrusted app domains except
20 ### Note that rules that should apply to all untrusted apps must be in app.te or also
57 # Allow traceur to pass file descriptors through a content provider to untrusted apps
61 # untrusted apps should not be able to open trace data files, they should depend
104 # Allow untrusted apps to interact with gpuservice
137 # Allow untrusted apps read / execute access to /vendor/app for there can
155 # allow untrusted apps to use UDP sockets provided by the system server but not
|
| D | untrusted_app_27.te | 4 ### This file defines the rules for untrusted apps running with
7 ### This file defines the rules for untrusted apps.
|
| D | vold.te | 10 # domain when working with untrusted block devices
|
| /system/sepolicy/prebuilts/api/29.0/private/ |
| D | app_neverallows.te | 2 ### neverallow rules for untrusted app domains
25 # Do not allow untrusted apps to register services.
30 # Do not allow untrusted apps to use VendorBinder
34 # Do not allow untrusted apps to connect to the property service
41 # but otherwise disallow untrusted apps from reading this property.
61 # Do not allow untrusted apps to invoke dex2oat. This was historically required
70 # Do not allow untrusted apps to be assigned mlstrustedsubject.
77 # and an untrusted app is allowed fork permission to itself.
80 # Do not allow untrusted apps to hard link to any files.
81 # In particular, if an untrusted app links to other app data
[all …]
|
| D | untrusted_app_all.te | 4 ### This file defines the rules shared by all untrusted app domains except
20 ### Note that rules that should apply to all untrusted apps must be in app.te or also
57 # Allow traceur to pass file descriptors through a content provider to untrusted apps
61 # untrusted apps should not be able to open trace data files, they should depend
104 # Allow untrusted apps to interact with gpuservice
137 # Allow untrusted apps read / execute access to /vendor/app for there can
155 # allow untrusted apps to use UDP sockets provided by the system server but not
|
| D | untrusted_app_27.te | 4 ### This file defines the rules for untrusted apps running with
7 ### This file defines the rules for untrusted apps.
|
| D | vold.te | 10 # domain when working with untrusted block devices
|
| /system/sepolicy/prebuilts/api/28.0/public/ |
| D | blkid_untrusted.te | 1 # blkid for untrusted block devices
|
| D | webview_zygote.te | 2 # isolated_app processes for rendering untrusted web content.
|
| /system/sepolicy/prebuilts/api/29.0/public/ |
| D | blkid_untrusted.te | 1 # blkid for untrusted block devices
|
| D | webview_zygote.te | 2 # isolated_app processes for rendering untrusted web content.
|
| /system/sepolicy/public/ |
| D | blkid_untrusted.te | 1 # blkid for untrusted block devices
|
| D | webview_zygote.te | 2 # isolated_app processes for rendering untrusted web content.
|
| /system/sepolicy/prebuilts/api/26.0/public/ |
| D | blkid_untrusted.te | 1 # blkid for untrusted block devices
|
| D | webview_zygote.te | 2 # isolated_app processes for rendering untrusted web content.
|
| /system/sepolicy/prebuilts/api/27.0/public/ |
| D | blkid_untrusted.te | 1 # blkid for untrusted block devices
|
| D | webview_zygote.te | 2 # isolated_app processes for rendering untrusted web content.
|
1234