Lines Matching refs:apps

30 # Do not allow untrusted apps to register services.
35 # Do not allow untrusted apps to use VendorBinder
39 # Do not allow untrusted apps to connect to the property service
45 # net.dns properties are not a public API. Disallow untrusted apps from reading this property.
48 # radio_cdma_ecm_prop properties are not a public API. Disallow untrusted apps from reading this pr…
57 # Block calling execve() on files in an apps home directory.
68 # Do not allow untrusted apps to invoke dex2oat. This was historically required
70 # Exempt legacy apps (targetApi<=28) for compatibility.
77 # Do not allow untrusted apps to be assigned mlstrustedsubject.
87 # Do not allow untrusted apps to hard link to any files.
91 # bugs, so we want to ensure untrusted apps never have this
95 # Do not allow untrusted apps to access network MAC address file
130 # Do not allow untrusted apps access to /cache
134 # Do not allow untrusted apps to create/unlink files outside of its sandbox,
143   -app_data_file            # The apps sandbox itself
146   -media_rw_data_file       # Internal storage. Known that apps can
158 # Do not allow untrusted apps to directly open the tun_device
194 # Do not allow untrusted apps access to preloads data files
201 # Do not permit untrusted apps to perform actions on HwBinder service_manager
205 # Do not permit access from apps which host arbitrary code to the protected services
208 #    vendor code does not have a way to understand apps or their relation to
210 #    at a level below that of apps (e.g., HALs) or must not rely on app identity
221 # SELinux is not an API for untrusted apps to use
224 # Access to /proc/tty/drivers, to allow apps to determine if they
232 # Untrusted apps are not allowed to use cgroups.
244 # Only privileged apps may find the incident service