Advertisement
arter97

net.dns patch 3/3

May 19th, 2022
675
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. diff --git a/prebuilts/api/32.0/private/app_neverallows.te b/prebuilts/api/32.0/private/app_neverallows.te
  2. index c7fa4e8c5..45f6d99f8 100644
  3. --- a/prebuilts/api/32.0/private/app_neverallows.te
  4. +++ b/prebuilts/api/32.0/private/app_neverallows.te
  5. @@ -42,9 +42,6 @@ neverallow { all_untrusted_apps -mediaprovider } property_socket:sock_file write
  6.  neverallow { all_untrusted_apps -mediaprovider } init:unix_stream_socket connectto;
  7.  neverallow { all_untrusted_apps -mediaprovider } property_type:property_service set;
  8.  
  9. -# net.dns properties are not a public API. Disallow untrusted apps from reading this property.
  10. -neverallow { all_untrusted_apps } net_dns_prop:file read;
  11. -
  12.  # radio_cdma_ecm_prop properties are not a public API. Disallow untrusted apps from reading this property.
  13.  neverallow { all_untrusted_apps } radio_cdma_ecm_prop:file read;
  14.  
  15. diff --git a/prebuilts/api/32.0/private/domain.te b/prebuilts/api/32.0/private/domain.te
  16. index 78aaf55d6..7a583d8d9 100644
  17. --- a/prebuilts/api/32.0/private/domain.te
  18. +++ b/prebuilts/api/32.0/private/domain.te
  19. @@ -401,10 +401,6 @@ neverallow {
  20.    -zygote
  21.  } mirror_data_file:dir *;
  22.  
  23. -# This property is being removed. Remove remaining access.
  24. -neverallow { domain -init -system_server -vendor_init } net_dns_prop:property_service set;
  25. -neverallow { domain -dumpstate -init -system_server -vendor_init } net_dns_prop:file read;
  26. -
  27.  # Only core domains are allowed to access package_manager properties
  28.  neverallow { domain -init -system_server } pm_prop:property_service set;
  29.  neverallow { domain -coredomain } pm_prop:file no_rw_file_perms;
  30. diff --git a/private/app_neverallows.te b/private/app_neverallows.te
  31. index c7fa4e8c5..45f6d99f8 100644
  32. --- a/private/app_neverallows.te
  33. +++ b/private/app_neverallows.te
  34. @@ -42,9 +42,6 @@ neverallow { all_untrusted_apps -mediaprovider } property_socket:sock_file write
  35.  neverallow { all_untrusted_apps -mediaprovider } init:unix_stream_socket connectto;
  36.  neverallow { all_untrusted_apps -mediaprovider } property_type:property_service set;
  37.  
  38. -# net.dns properties are not a public API. Disallow untrusted apps from reading this property.
  39. -neverallow { all_untrusted_apps } net_dns_prop:file read;
  40. -
  41.  # radio_cdma_ecm_prop properties are not a public API. Disallow untrusted apps from reading this property.
  42.  neverallow { all_untrusted_apps } radio_cdma_ecm_prop:file read;
  43.  
  44. diff --git a/private/domain.te b/private/domain.te
  45. index 78aaf55d6..7a583d8d9 100644
  46. --- a/private/domain.te
  47. +++ b/private/domain.te
  48. @@ -401,10 +401,6 @@ neverallow {
  49.    -zygote
  50.  } mirror_data_file:dir *;
  51.  
  52. -# This property is being removed. Remove remaining access.
  53. -neverallow { domain -init -system_server -vendor_init } net_dns_prop:property_service set;
  54. -neverallow { domain -dumpstate -init -system_server -vendor_init } net_dns_prop:file read;
  55. -
  56.  # Only core domains are allowed to access package_manager properties
  57.  neverallow { domain -init -system_server } pm_prop:property_service set;
  58.  neverallow { domain -coredomain } pm_prop:file no_rw_file_perms;
  59.  
Advertisement
RAW Paste Data Copied
Advertisement