Commit sha b263780156624c38b23d638be6a2d8bdd17511f8 on master selinuxproject/master.
It really provides two functions:
--
Respectfully,
William C Roberts
1. x.509 cert to seinfo string mapping for seapp_contexts so the zygote spawns it in the right domain...
2. install time permission checking
I think these should be submitted as two different patch sets to AOSP respective of their functionality. I think the x.509 cert checks will get pulled in and I am not sure on the install time permission checking.
I am also wondering if we really need mac_permisions.xml to be in in it's own repo. I think it should be in sepolicy since it is part of the policy of the device, like seapp_contexts.
What are the communities opinions on these comments?
Respectfully,
William C Roberts
