xavi
/
mm_device_meizu_m2note
mirror of https://github.com/Moyster/mm_device_meizu_m2note
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
mm_device_meizu_m2note/sepolicy/permission_check.te

53 lines
2.1 KiB
Plaintext
Raw Permalink Blame History

# ==============================================
# Policy File of /system/binpermission_check Executable File
# ==============================================
# Type Declaration
# ==============================================
type permission_check_exec , exec_type, file_type;
type permission_check ,domain;
# ==============================================
# Android Policy Rule
# ==============================================
# ==============================================
# NSA Policy Rule
# ==============================================
# ==============================================
# MTK Policy Rule
# ==============================================
#permissive permission_check;
init_daemon_domain(permission_check)
#unconfined_domain(permission_check)
allow permission_check persist_md_prop: property_service set;
allow permission_check init:unix_stream_socket connectto;
allow permission_check nvram_data_file:dir { rw_dir_perms setattr };
allow permission_check nvram_data_file:file { write create open setattr getattr };
allow permission_check nvram_data_file:lnk_file read;
allow permission_check nvdata_file:dir { rw_dir_perms setattr };
allow permission_check nvdata_file:file { write create open setattr getattr };
allow permission_check property_socket:sock_file write;
allow permission_check protect_f_data_file:dir { read getattr open setattr search };
allow permission_check protect_s_data_file:dir { read getattr open setattr search };
allow permission_check protect_f_data_file:file { getattr setattr };
allow permission_check protect_s_data_file:file { getattr setattr };
allow permission_check self:capability { fowner chown dac_override fsetid };
allow permission_check shell_exec:file { read execute open execute_no_trans };
allow permission_check system_file:file { read getattr open execute execute_no_trans };
allow permission_check ccci_cfg_file:dir create_dir_perms;
allow permission_check ccci_cfg_file:file create_file_perms;
allow permission_check mdlog_data_file:dir { read search setattr open };
allow permission_check mdlog_data_file:fifo_file setattr;
allow permission_check mdlog_data_file:file setattr;
Reference in New Issue View Git Blame Copy Permalink