Hello SEAndroid folks,
As I was browsing the rule of SEAndroid, I read a lot of "self" allow
rules (i.e allow bluetooth self:tun_socket create_socket_perms;). And i
was wondering about the usefulness of this rules.
For attributes, I see the usefulness of them :
allow bluetoothdomain self:socket create_socket_perms;
As the previous rule can be re-write as something like the following rule
and it's make perfect sense.
allow { platform_app system release_app radio untrusted_app shared_app }
{ platform_app system release_app radio untrusted_app shared_app } :
socket create_socket_perms
But for some rules like "allow bluetooth self:tun_socket
create_socket_perms" I do not see the usefulness. I mean a type has all
permission in its own domain? or I'm wrong and this permissions must be
present in the policy as well as others permissions?
Thanks,
François
_______________________________________________
Seandroid-list mailing list
[email protected]
To unsubscribe, send email to [email protected].
To get help, send an email containing "help" to
[email protected].
