Lines Matching refs:apps

19 # Do not allow untrusted apps to register services.
24 # Do not allow untrusted apps to use VendorBinder
28 # Do not allow untrusted apps to connect to the property service
34 # Do not allow untrusted apps to be assigned mlstrustedsubject.
44 # Do not allow untrusted apps to hard link to any files.
48 # bugs, so we want to ensure untrusted apps never have this
52 # Do not allow untrusted apps to access network MAC address file
69 # Do not allow untrusted apps access to /cache
73 # Do not allow untrusted apps to create/unlink files outside of its sandbox,
84   -app_data_file            # The apps sandbox itself
85   -media_rw_data_file       # Internal storage. Known that apps can
97 # Do not allow untrusted apps to directly open tun_device
111 # Do not allow untrusted apps access to preloads data files
118 # Do not permit untrusted apps to perform actions on HwBinder service_manager
122 # Do not permit access from apps which host arbitrary code to HwBinder services,
123 # except those considered sufficiently safe for access from such apps.
127 #    HwBinder services either operate at a level below that of apps (e.g., HALs)
145 #   by surfaceflinger Binder service, which apps are permitted to access
147 #   Binder service which apps were permitted to access.
204 # Restrict *Binder access from apps to HAL domains. We can only do this on full
205 # Treble devices where *Binder communications between apps and HALs are tightly