aboutsummaryrefslogtreecommitdiff
AgeCommit message (Expand)Author
2014-10-17Revert "Do not allow isolated_app to directly open app data files."android-l-preview_r2l-previewNick Kralevich
2014-10-16Exclude isolated_app from ptrace self.Stephen Smalley
2014-10-16Fix compile time / CTS gps_data_files neverallow assertionNick Kralevich
2014-10-16logd: Add klogdMark Salyzyn
2014-10-14maybe fix mac build.Nick Kralevich
2014-10-14Merge "Add neverallow checking to sepolicy-analyze."Daniel Cashman
2014-10-14fix whitespaceNick Kralevich
2014-10-14Add neverallow checking to sepolicy-analyze.Stephen Smalley
2014-10-06Do not allow isolated_app to directly open app data files.Stephen Smalley
2014-10-03Remove net_domain() from isolated_app.Stephen Smalley
2014-10-02Merge "isolated_app: remove app_data_file execute"Nick Kralevich
2014-10-02Define specific block device types for system and recovery partitions.Stephen Smalley
2014-10-01isolated_app: remove app_data_file executeNick Kralevich
2014-09-30Merge "Mark asec_apk_file as mlstrustedobject."Nick Kralevich
2014-09-30Fix fsck-related denials with encrypted userdata.Stephen Smalley
2014-09-30Mark asec_apk_file as mlstrustedobject.Stephen Smalley
2014-09-29seinfo for platform based domains should be stated explicitly.William Roberts
2014-09-28Do not allow init to execute anything without changing domains.Stephen Smalley
2014-09-27Dependencies for new goldfish service domains.Stephen Smalley
2014-09-26Enable selinux read_policy for adb pull.dcashman
2014-09-26Allow NFC to read/write nfc. system properties.Martijn Coenen
2014-09-26zygote: allow replacing /proc/cpuinfoNick Kralevich
2014-09-24allow apps to read the contents of mounted OBBsNick Kralevich
2014-09-23Merge "Enable per-user isolation for normal apps."Nick Kralevich
2014-09-22make su an mlstrustedsubjectNick Kralevich
2014-09-23Enable per-user isolation for normal apps.Stephen Smalley
2014-09-22relax appdomain efs_file neverallow rulesNick Kralevich
2014-09-21relax neverallow rules on NETLINK_KOBJECT_UEVENT socketsNick Kralevich
2014-09-19Define types for userdata and cache block devices.Stephen Smalley
2014-09-19Add support for factory reset protection.dcashman
2014-09-20Merge "Add isOwner= input selector for seapp_contexts."Nick Kralevich
2014-09-20Merge "More MLS trusted subject/object annotations."Nick Kralevich
2014-09-18Remove /dev/log/* accessNick Kralevich
2014-09-15Add isOwner= input selector for seapp_contexts.Stephen Smalley
2014-09-15More MLS trusted subject/object annotations.Stephen Smalley
2014-09-13Allow dumpstate to read /system/bin executables.Christopher Ferris
2014-09-11Allow appdomain read perms on apk_data_files.dcashman
2014-09-11isolated_app: Do not allow access to the gpu_device.Robert Sesek
2014-09-11Allow system reset_uid, sync_uid, password_uidRobin Lee
2014-09-08Annotate MLS trusted subjects and objects.Stephen Smalley
2014-09-04sdcardd: grant unmountNick Kralevich
2014-09-02Prohibit reading of untrusted symlinks via neverallow.Stephen Smalley
2014-09-01logd: permit app access to clear logsMark Salyzyn
2014-08-28Remove system_server create access from /data/dalvik-cacheBrian Carlstrom
2014-08-27support kernel writes to external SDcardsNick Kralevich
2014-08-25remove appdomain's ability to examine all of /procNick Kralevich
2014-08-25Merge "assert that no domain can set default properties"Nick Kralevich
2014-08-22assert that no domain can set default propertiesNick Kralevich
2014-08-22Merge "Add permissive domains check to sepolicy-analyze."dcashman
2014-08-22Add permissive domains check to sepolicy-analyze.dcashman
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-07 07:46:48 +0000