[ALPS04760196] audioserver: fix high risk sepolicy

[Detail] 1. Remove system_data_file access rule 2. Remove socket access in audioserver MTK-Commit-Id: 53231b8b52745a21cc302833524911c55bab4960 Change-Id: I661f78bfbe0377bf88445494af0f33edb5f4fef7 CR-Id: ALPS04760196 Feature: [Module]Proprietary Audio Utility
2020-01-18 10:20:04 +08:00 · 2020-01-18 10:20:04 +08:00 · 9e238bfba9
commit 9e238bfba9
parent ae6fbad5e9
1 changed files with 0 additions and 3 deletions
--- a/plat_private/audioserver.te
+++ b/plat_private/audioserver.te
@ -47,16 +47,13 @@ allow audioserver untrusted_app:dir search;
 # Date : WK15.34
 # Operation : Migration
 # Purpose: for camera middleware dump image buffer to sdcard & audio frameworks dump
-allow audioserver system_data_file:dir write;
 allow audioserver storage_file:lnk_file {read write};
 allow audioserver mnt_user_file:dir {write read search};
 allow audioserver mnt_user_file:lnk_file {read write};

 # Purpose: Dump debug info
 allow audioserver kmsg_device:chr_file { open write };
-allow audioserver property_socket:sock_file write;
 allow audioserver media_rw_data_file:dir { create_dir_perms };
-allow audioserver init:unix_stream_socket connectto;

 # Date : WK16.27
 # Operation : Migration