30 lines
1.2 KiB
Plaintext
30 lines
1.2 KiB
Plaintext
# ==============================================
|
|
# Common SEPolicy Rule
|
|
# ==============================================
|
|
|
|
typeattribute teeregistryd_app coredomain;
|
|
|
|
app_domain(teeregistryd_app)
|
|
|
|
binder_service(teeregistryd_app)
|
|
binder_use(teeregistryd_app)
|
|
|
|
add_service(teeregistryd_app, teeregistry_service)
|
|
|
|
hal_client_domain(teeregistryd_app, hal_teeregistry)
|
|
hal_client_domain(teeregistryd_app, hal_allocator)
|
|
|
|
allow teeregistryd_app activity_service:service_manager find;
|
|
allow teeregistryd_app connectivity_service:service_manager find;
|
|
allow teeregistryd_app display_service:service_manager find;
|
|
allow teeregistryd_app network_management_service:service_manager find;
|
|
allow teeregistryd_app tee_service:service_manager find;
|
|
allow teeregistryd_app fwmarkd_socket:sock_file write;
|
|
allow teeregistryd_app netd:unix_stream_socket connectto;
|
|
allow teeregistryd_app node:udp_socket node_bind;
|
|
allow teeregistryd_app port:udp_socket name_bind;
|
|
allow teeregistryd_app port:tcp_socket name_connect;
|
|
allow teeregistryd_app self:tcp_socket { create setopt read getopt getattr write connect };
|
|
allow teeregistryd_app dnsproxyd_socket:sock_file write;
|
|
allow teeregistryd_app self:udp_socket { create bind setattr };
|