On Mon, Jul 23, 2012 at 6:26 AM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote:
Hmm...it used to be that only radio could connect to rild.On Thu, 2012-07-19 at 16:07 -0700, Haiqing Jiang wrote:
> ---
> mediaserver.te | 3 +++
> 1 files changed, 3 insertions(+), 0 deletions(-)
>
> diff --git a/mediaserver.te b/mediaserver.te
> index d3f0334..6dd4d4a 100644
> --- a/mediaserver.te
> +++ b/mediaserver.te
> @@ -40,3 +40,6 @@ allow mediaserver camera_calibration_file:file r_file_perms;
> # Read/[write] to /proc/net/xt_qtaguid/ctrl and /dev/xt_qtaguid
> allow mediaserver qtaguid_proc:file rw_file_perms;
> allow mediaserver qtaguid_device:chr_file r_file_perms;
> +
> +# Talk to rild via socket
> +unix_socket_connect(mediaserver, rild, rild)
socket perms are 660 root radio, and mediaserver runs as media.
Doesn't seem like this is possible even under DAC. Clarification
requested?
--
Stephen Smalley
National Security Agency
-----------------------------------
Haiqing Jiang, PH.D studentComputer Science Department, North Carolina State University
