On 06/06/2016 05:39 AM, Sameer Joshi wrote: > Hi, > > We have one app in the device which needs to communicate with native > process using unix socket. > > We wanted to call WindowManager.Lock() also from this app. > > For this, we made changes into the Android.mk to have following: > > LOCAL_CERTIFICATE := platform > LOCAL_PRIVILEGED_MODULE := true > > This made the app belong to platform_app domain. We used this domain to > give it the permission to write to unix socket. It also helped to call > Lock() API mentioned above. > > Please let us know if this is valid change according to CTS compliance. > In general , can we use platform_app domain for the apps developed by > the device manufacturer.
platform_app can technically be used for any platform-signed app, but you should try to minimize its usage. Does the app actually need any signature-only Android permissions, or any permissions restricted to platform_app-only by SELinux? _______________________________________________ Seandroid-list mailing list Seandroid-list@tycho.nsa.gov To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov. To get help, send an email containing "help" to seandroid-list-requ...@tycho.nsa.gov.
