[ALPS04760297] SEPolicy Optimize

Revise high risk SEPolicies.

MTK-Commit-Id: 54290cb8aeb0fbb67310ed0cffe826684158effe

CR-Id: ALPS04760297
Feature: Connsys Log Tool
Change-Id: I369c7a917f8ee9cc95e0db14e552ce9195583a14

non_plat/connsyslogger.te

@@ -21,8 +21,8 @@ allow connsyslogger consyslog_data_file:file { create_file_perms };
 allow connsyslogger system_data_file:dir { create_dir_perms relabelfrom};
 
 #consys logger socket access
-allow connsyslogger property_socket:sock_file write;
-allow connsyslogger init:unix_stream_socket connectto;
+#allow connsyslogger property_socket:sock_file write;
+#allow connsyslogger init:unix_stream_socket connectto;
 
 allow connsyslogger tmpfs:lnk_file { create_file_perms };
 

non_plat/mdlogger.te

@@ -1,7 +1,6 @@
 #allow mdlogger to set property
-allow mdlogger debug_mdlogger_prop:property_service set;
-allow mdlogger debug_prop:property_service set;
-
+set_prop(mdlogger, debug_mdlogger_prop)
+set_prop(mdlogger, debug_prop)
 # ccci device for internal modem
 allow mdlogger ccci_device:chr_file { rw_file_perms };
 

plat_private/mdlogger.te

@@ -13,8 +13,8 @@ binder_use(mdlogger)
 binder_service(mdlogger)
 
 # modem logger socket access
-allow mdlogger init:unix_stream_socket connectto;
-allow mdlogger property_socket:sock_file write;
+#allow mdlogger init:unix_stream_socket connectto;
+#allow mdlogger property_socket:sock_file write;
 allow mdlogger platform_app:unix_stream_socket connectto;
 allow mdlogger shell_exec:file { rx_file_perms };
 allow mdlogger system_file:file x_file_perms;