Lines Matching refs:apps
27 # Do not allow untrusted apps to register services.
32 # Do not allow untrusted apps to use VendorBinder
36 # Do not allow untrusted apps to connect to the property service
42 # net.dns properties are not a public API. Disallow untrusted apps from reading this property.
51 # Block calling execve() on files in an apps home directory.
62 # Do not allow untrusted apps to invoke dex2oat. This was historically required
64 # Exempt legacy apps (targetApi<=28) for compatibility.
71 # Do not allow untrusted apps to be assigned mlstrustedsubject.
81 # Do not allow untrusted apps to hard link to any files.
85 # bugs, so we want to ensure untrusted apps never have this
89 # Do not allow untrusted apps to access network MAC address file
124 # Do not allow untrusted apps access to /cache
128 # Do not allow untrusted apps to create/unlink files outside of its sandbox,
137 -app_data_file # The apps sandbox itself
140 -media_rw_data_file # Internal storage. Known that apps can
152 # Do not allow untrusted apps to directly open the tun_device
188 # Do not allow untrusted apps access to preloads data files
195 # Do not permit untrusted apps to perform actions on HwBinder service_manager
199 # Do not permit access from apps which host arbitrary code to the protected HwBinder
204 # HwBinder services either operate at a level below that of apps (e.g., HALs)
218 # SELinux is not an API for untrusted apps to use
221 # Access to /proc/tty/drivers, to allow apps to determine if they
229 # Untrusted apps are not allowed to use cgroups.
240 # Only privileged apps may find the incident service