###
### Untrusted_29.
###
### This file defines the rules for untrusted apps running with
### targetSdkVersion = 29.
###
### See public/untrusted_app.te for more information about which apps are
### placed in this selinux domain.
###

typeattribute untrusted_app_29 coredomain;

app_domain(untrusted_app_29)
untrusted_app_domain(untrusted_app_29)
net_domain(untrusted_app_29)
bluetooth_domain(untrusted_app_29)

# allow binding to netlink route sockets and sending RTM_GETLINK messages.
allow untrusted_app_29 self:netlink_route_socket { bind nlmsg_readpriv };
auditallow untrusted_app_29 self:netlink_route_socket { bind nlmsg_readpriv };