Lines Matching refs:apps

27 # Do not allow untrusted apps to register services.
32 # Do not allow untrusted apps to use VendorBinder
36 # Do not allow untrusted apps to connect to the property service
42 # net.dns properties are not a public API. Disallow untrusted apps from reading this property.
51 # Block calling execve() on files in an apps home directory.
62 # Do not allow untrusted apps to invoke dex2oat. This was historically required
64 # Exempt legacy apps (targetApi<=28) for compatibility.
71 # Do not allow untrusted apps to be assigned mlstrustedsubject.
81 # Do not allow untrusted apps to hard link to any files.
85 # bugs, so we want to ensure untrusted apps never have this
89 # Do not allow untrusted apps to access network MAC address file
124 # Do not allow untrusted apps access to /cache
128 # Do not allow untrusted apps to create/unlink files outside of its sandbox,
137   -app_data_file            # The apps sandbox itself
140   -media_rw_data_file       # Internal storage. Known that apps can
152 # Do not allow untrusted apps to directly open the tun_device
209 # Do not allow untrusted apps access to preloads data files
216 # Do not permit untrusted apps to perform actions on HwBinder service_manager
220 # Do not permit access from apps which host arbitrary code to the protected HwBinder
225 #    HwBinder services either operate at a level below that of apps (e.g., HALs)
239 # SELinux is not an API for untrusted apps to use
242 # Access to /proc/tty/drivers, to allow apps to determine if they
250 # Untrusted apps are not allowed to use cgroups.
261 # Only privileged apps may find the incident service