Bill,
On Thu, Mar 21, 2013 at 1:41 PM, Stephen Smalley <s...@tycho.nsa.gov> wrote: > On 03/21/2013 12:48 PM, William Roberts wrote: > >> ok, that works for me, I didn't know if it was a controllable flag >> through selinuxfs. >> > > I think the only way to do that would be wrap all dontaudit statements > with a conditional on a policy boolean. Then you could switch the boolean > to enable/disable them. > > More easily we could just have the Makefile always post-process the > policy.conf to strip all dontaudit rules and generate a separate copy of > the binary policy. Then you could easily adb push that to /data/security > and reload as needed. > > > > > > > -- > This message was distributed to subscribers of the seandroid-list mailing > list. > If you no longer wish to subscribe, send mail to majord...@tycho.nsa.govwith > the words "unsubscribe seandroid-list" without quotes as the message. >
