potter: address new denials

2017-04-28 11:03:15 +02:00
parent 785801d10f
commit de42e08969
3 changed files with 8 additions and 5 deletions
--- a/sepolicy/logd.te
+++ b/sepolicy/logd.te
@@ -0,0 +1 @@
+allow logd self:capability dac_override;
--- a/sepolicy/rild.te
+++ b/sepolicy/rild.te
@@ -1,9 +1,10 @@
-allow rild fsg_file:file r_file_perms;
-allow rild persist_file:dir search;
-allow rild persist_file:file rw_file_perms;
-
 allow rild cutback_data_file:dir rw_dir_perms;
 allow rild cutback_data_file:sock_file create_file_perms;
+allow rild fsg_file:file r_file_perms;
+allow rild fsg_file:dir r_dir_perms;
+allow rild fsg_file:lnk_file read;
+allow rild persist_file:dir search;
+allow rild persist_file:file rw_file_perms;
 allow rild sensorservice_service:service_manager find;
 allow rild system_server:binder { transfer call };
 allow rild system_server:unix_stream_socket { read getopt write };
--- a/sepolicy/wpa.te
+++ b/sepolicy/wpa.te
@@ -1,2 +1,3 @@
-allow wpa cutback_data_file:sock_file write;
+allow wpa cutback_data_file:dir rw_dir_perms;
+allow wpa cutback_data_file:sock_file rw_file_perms;
 allow wpa rild:unix_dgram_socket sendto;