u:r:system_app:s0 system 6167 182 com.android.systemui:screenshot
Tai On 3/5/14, 2:15 PM, "Stephen Smalley" <[email protected]> wrote: >On 03/05/2014 02:11 PM, Tai Nguyen (tainguye) wrote: >> All, >> >> When I take the screen snapshot by pressing power button and volume >>down button. The image is not save correctly because >> >> audit(1394045168.562:4): avc: denied { write } for pid=6267 >>comm=4173796E635461736B202331 >>path="/storage/sdcard0/Pictures/Screenshots/Screenshot_2014-03-05-13-46-0 >>8.png" dev=fuse ino=1080366384 scontext=u:r:system_app:s0 >>tcontext=u:object_r:sdcard_internal:s0 tclass=file >> >> I only see the rule to grant system_app for sdcard_type:dir, but not >>file, in system_app.te >> >> >> # Settings app reads sdcard for storage stats >> >> allow system_app sdcard_type:dir r_dir_perms; >> >> It seems we need to add >> Allow system_app sdcard_type:file create_file_perms >> >> Not sure why I donĀ¹t see the audit message for create operation. We do >>have these rules for platform_app though >> >> platform_app.te:allow platformappdomain sdcard_type:dir >>create_dir_perms; >> >> platform_app.te:allow platformappdomain sdcard_type:file >>create_file_perms; > >Why is that app running in system_app (i.e. why it is running with the >system UID)? ps -Z output would be interesting. > > _______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
