15 lines
648 B
Plaintext
15 lines
648 B
Plaintext
allow untrusted_app_25 sysfs_net:dir { search };
|
|
#TODO removed for Q
|
|
#allow untrusted_app_25 vendor_file:file { read open getattr };
|
|
dontaudit untrusted_app_25 mnt_vendor_file:dir { search };
|
|
|
|
allow untrusted_app_25 unlabeled:dir { search read open getattr };
|
|
allow untrusted_app_25 unlabeled:file { open read getattr };
|
|
allow untrusted_app_25 rootfs:dir { search read open getattr };
|
|
allow untrusted_app_25 block_device:dir { getattr search };
|
|
allow untrusted_app_25 ota_data_file:dir rw_dir_perms;
|
|
allow untrusted_app_25 ota_data_file:file rw_file_perms;
|
|
allow untrusted_app_25 oemfs:file {execmod};
|
|
|
|
rw_rockchip_graphic_device(untrusted_app_25)
|