Re: [PATCH 2/6] external/sepolicy: mediaserver open application data files

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Thanks. I should be more careful to find the related existing policies. 

On Mon, Jul 23, 2012 at 6:23 AM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote:
On Thu, 2012-07-19 at 16:07 -0700, Haiqing Jiang wrote:
> ---
>  mediaserver.te |    1 +
>  1 files changed, 1 insertions(+), 0 deletions(-)
>
> diff --git a/mediaserver.te b/mediaserver.te
> index 057e39d..d3f0334 100644
> --- a/mediaserver.te
> +++ b/mediaserver.te
> @@ -25,6 +25,7 @@ allow mediaserver sysfs:file rw_file_perms;
>  # XXX Why?
>  allow mediaserver apk_data_file:file { read getattr };
>  allow mediaserver ion_device:chr_file rw_file_perms;
> +allow mediaserver app_data_file:file open;
>
>  # To use remote processor
>  allow mediaserver rpmsg_device:chr_file rw_file_perms;

If this is required, then merge it into the existing allow rule for
app_data_file, at which point you can just use r_file_perms;
--
Stephen Smalley
National Security Agency




--
-----------------------------------
Haiqing Jiang, PH.D student

Computer Science Department, North Carolina State University


[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux