• Home
  • Raw
  • Download

Lines Matching refs:allow

12 allow shell pstorefs:dir search;
13 allow shell pstorefs:file r_file_perms;
16 allow shell rootfs:dir r_dir_perms;
19 allow shell anr_data_file:dir r_dir_perms;
20 allow shell anr_data_file:file r_file_perms;
23 allow shell shell_data_file:dir create_dir_perms;
24 allow shell shell_data_file:file create_file_perms;
25 allow shell shell_data_file:file rx_file_perms;
26 allow shell shell_data_file:lnk_file create_file_perms;
29 allow shell shell_test_data_file:dir create_dir_perms;
30 allow shell shell_test_data_file:file create_file_perms;
31 allow shell shell_test_data_file:file rx_file_perms;
32 allow shell shell_test_data_file:lnk_file create_file_perms;
33 allow shell shell_test_data_file:sock_file create_file_perms;
36 allow shell trace_data_file:file { r_file_perms unlink };
37 allow shell trace_data_file:dir { r_dir_perms remove_name write };
40 allow shell profman_dump_data_file:dir { write remove_name r_dir_perms };
41 allow shell profman_dump_data_file:file { unlink r_file_perms };
45   allow shell nativetest_data_file:dir r_dir_perms;
46   allow shell nativetest_data_file:file rx_file_perms;
52 allow shell devpts:chr_file rw_file_perms;
53 allow shell tty_device:chr_file rw_file_perms;
54 allow shell console_device:chr_file rw_file_perms;
56 allow shell input_device:dir r_dir_perms;
57 allow shell input_device:chr_file r_file_perms;
60 allow shell system_file:file x_file_perms;
61 allow shell toolbox_exec:file rx_file_perms;
62 allow shell tzdatacheck_exec:file rx_file_perms;
63 allow shell shell_exec:file rx_file_perms;
64 allow shell zygote_exec:file rx_file_perms;
69   # "systrace --boot" support - allow boottrace service to run
70   allow shell boottrace_data_file:dir rw_dir_perms;
71   allow shell boottrace_data_file:file create_file_perms;
74 # allow shell access to services
75 allow shell servicemanager:service_manager list;
76 # don't allow shell to access GateKeeper service
79 allow shell {
95 allow shell dumpstate:binder call;
97 # allow shell to get information from hwservicemanager
100 allow shell hwservicemanager:hwservice_manager list;
102 # allow shell to look through /proc/ for lsmod, ps, top, netstat, vmstat.
105 allow shell {
122 # allow listing network interfaces under /sys/class/net.
123 allow shell sysfs_net:dir r_dir_perms;
126 allow shell cgroup_desc_file:file r_file_perms;
127 allow shell cgroup_desc_api_file:file r_file_perms;
128 allow shell vendor_cgroup_desc_file:file r_file_perms;
130 allow shell domain:dir { search open read getattr };
131 allow shell domain:{ file lnk_file } { open read getattr };
135 allow shell { proc labeledfs }:filesystem getattr;
138 allow shell device:dir getattr;
140 # allow shell to read /proc/pid/attr/current for ps -Z
141 allow shell domain:process getattr;
144 allow shell selinuxfs:dir r_dir_perms;
145 allow shell selinuxfs:file r_file_perms;
150 allow shell bootchart_data_file:dir rw_dir_perms;
151 allow shell bootchart_data_file:file create_file_perms;
154 allow shell self:process ptrace;
156 # allow shell to get battery info
157 allow shell sysfs:dir r_dir_perms;
158 allow shell sysfs_batteryinfo:dir r_dir_perms;
159 allow shell sysfs_batteryinfo:file r_file_perms;
161 # allow shell to list /sys/class/block/ to get storage type for CTS
162 allow shell sysfs_block:dir r_dir_perms;
165 allow shell ion_device:chr_file rw_file_perms;
171 allow shell dev_type:dir r_dir_perms;
172 allow shell dev_type:chr_file getattr;
175 allow shell proc:lnk_file getattr;
181 allow shell dev_type:blk_file getattr;
184 allow shell file_contexts_file:file r_file_perms;
185 allow shell property_contexts_file:file r_file_perms;
186 allow shell seapp_contexts_file:file r_file_perms;
187 allow shell service_contexts_file:file r_file_perms;
188 allow shell sepolicy_file:file r_file_perms;
191 allow shell vendor_shell_exec:file rx_file_perms;
196   allow shell rootfs:file rx_file_perms;
203 # Do not allow shell to hard link to any files.
211 # Do not allow privileged socket ioctl commands