Lines Matching refs:apps

24 # Do not allow untrusted apps to register services.
29 # Do not allow untrusted apps to use VendorBinder
33 # Do not allow untrusted apps to connect to the property service
39 # Do not allow untrusted apps to be assigned mlstrustedsubject.
49 # Do not allow untrusted apps to hard link to any files.
53 # bugs, so we want to ensure untrusted apps never have this
57 # Do not allow untrusted apps to access network MAC address file
74 # Do not allow untrusted apps access to /cache
78 # Do not allow untrusted apps to create/unlink files outside of its sandbox,
89   -app_data_file            # The apps sandbox itself
90   -media_rw_data_file       # Internal storage. Known that apps can
102 # Do not allow untrusted apps to directly open tun_device
116 # Do not allow untrusted apps access to preloads data files
123 # Do not permit untrusted apps to perform actions on HwBinder service_manager
127 # Do not permit access from apps which host arbitrary code to HwBinder services,
128 # except those considered sufficiently safe for access from such apps.
132 #    HwBinder services either operate at a level below that of apps (e.g., HALs)
150 #   by surfaceflinger Binder service, which apps are permitted to access
152 #   Binder service which apps were permitted to access.
214 # SELinux is not an API for untrusted apps to use
217 # Restrict *Binder access from apps to HAL domains. We can only do this on full
218 # Treble devices where *Binder communications between apps and HALs are tightly