diff options
| author | Chirayu Desai <chirayudesai1@gmail.com> | 2022-06-21 19:43:27 +0530 |
|---|---|---|
| committer | Michael Bestas <mkbestas@lineageos.org> | 2022-06-24 12:45:21 +0200 |
| commit | 6bd2a4accacc1a9e823b2e66d6acb1b22e868741 (patch) | |
| tree | eb3afcb1c4c553e7e29aa2dda47e33291ae8c627 | |
| parent | 4fee50b713bccc61bc78f93b156c472d477e90c5 (diff) | |
RIP Snap
* No longer shipped
* 2015-2022
Change-Id: I692fc910d8050e7861da1e8e4cc565c5b9de9c08
| -rw-r--r-- | common/private/seapp_contexts | 1 | ||||
| -rw-r--r-- | common/private/snap_app.te | 39 |
2 files changed, 0 insertions, 40 deletions
diff --git a/common/private/seapp_contexts b/common/private/seapp_contexts index 66eb073..a960b57 100644 --- a/common/private/seapp_contexts +++ b/common/private/seapp_contexts @@ -1,2 +1 @@ -user=_app isPrivApp=true seinfo=platform name=org.lineageos.snap domain=snap_app type=app_data_file levelFrom=user user=_app isPrivApp=true seinfo=platform name=org.lineageos.updater domain=updater_app type=app_data_file levelFrom=user diff --git a/common/private/snap_app.te b/common/private/snap_app.te deleted file mode 100644 index 178aafa..0000000 --- a/common/private/snap_app.te +++ /dev/null @@ -1,39 +0,0 @@ -type snap_app, domain, coredomain; - -app_domain(snap_app) -net_domain(snap_app) - -# Access standard system services -allow snap_app app_api_service:service_manager find; -allow snap_app audioserver_service:service_manager find; -allow snap_app cameraserver_service:service_manager find; -allow snap_app drmserver_service:service_manager find; -allow snap_app mediaextractor_service:service_manager find; -allow snap_app mediaserver_service:service_manager find; -allow snap_app mediametrics_service:service_manager find; -allow snap_app nfc_service:service_manager find; -allow snap_app surfaceflinger_service:service_manager find; - -allow snap_app hidl_token_hwservice:hwservice_manager find; - -# Allow to read and execute camera app modules -typeattribute snap_app system_executes_vendor_violators; -allow snap_app vendor_file:file { rx_file_perms }; - -# Execute libraries from RenderScript cache -allow snap_app app_data_file:file { rx_file_perms }; - -# Execute /system/bin/bcc -allow snap_app rs_exec:file rx_file_perms; - -# Read memory info -allow snap_app proc_meminfo:file r_file_perms; - -# gdbserver / stack traces -allow snap_app self:process ptrace; - -# Read and write system app data files passed over Binder. -allow snap_app system_app_data_file:file { read write getattr }; - -# Binder call with gpuservice -binder_call(snap_app, gpuservice) |