1# debugger interface 2type tombstoned, domain, mlstrustedsubject; 3type tombstoned_exec, exec_type, file_type; 4 5# Write to arbitrary pipes given to us. 6allow tombstoned domain:fd use; 7allow tombstoned domain:fifo_file write; 8 9allow tombstoned domain:dir r_dir_perms; 10allow tombstoned domain:file r_file_perms; 11allow tombstoned tombstone_data_file:dir rw_dir_perms; 12allow tombstoned tombstone_data_file:file { create_file_perms link }; 13 14# TODO: Remove append / write permissions. They were temporarily 15# granted due to a bug which appears to have been fixed. 16allow tombstoned anr_data_file:file { append write }; 17auditallow tombstoned anr_data_file:file { append write }; 18 19# Changes for the new stack dumping mechanism. Each trace goes into a 20# separate file, and these files are managed by tombstoned. 21allow tombstoned anr_data_file:dir rw_dir_perms; 22allow tombstoned anr_data_file:file { create getattr open link unlink }; 23