Home
last modified time | relevance | path

Searched refs:su (Results 1 – 25 of 152) sorted by relevance

1234567

/system/sepolicy/prebuilts/api/30.0/public/
Dsu.te3 type su, domain;
9 # Domain used for su processes, as well as for adbd and adb shell
12 typeattribute su mlstrustedsubject;
14 # Add su to various domains
15 net_domain(su)
17 # grant su access to vndbinder
18 vndbinder_use(su)
20 dontaudit su self:capability_class_set *;
21 dontaudit su kernel:security *;
22 dontaudit su { kernel file_type }:system *;
[all …]
Dcameraserver.te71 allow cameraserver su:fd use;
72 allow cameraserver su:fifo_file { read write };
73 allow cameraserver su:unix_stream_socket { read write };
/system/sepolicy/public/
Dsu.te3 type su, domain;
9 # Domain used for su processes, as well as for adbd and adb shell
12 typeattribute su mlstrustedsubject;
14 # Add su to various domains
15 net_domain(su)
17 # grant su access to vndbinder
18 vndbinder_use(su)
20 dontaudit su self:capability_class_set *;
21 dontaudit su kernel:security *;
22 dontaudit su { kernel file_type }:system *;
[all …]
/system/sepolicy/prebuilts/api/28.0/public/
Dsu.te3 type su, domain;
9 # Domain used for su processes, as well as for adbd and adb shell
12 typeattribute su mlstrustedsubject;
14 # Add su to various domains
15 net_domain(su)
17 # grant su access to vndbinder
18 vndbinder_use(su)
20 dontaudit su self:capability_class_set *;
21 dontaudit su kernel:security *;
22 dontaudit su kernel:system *;
[all …]
Dcameraserver.te62 allow cameraserver su:fd use;
63 allow cameraserver su:fifo_file { read write };
64 allow cameraserver su:unix_stream_socket { read write };
/system/sepolicy/prebuilts/api/29.0/public/
Dsu.te3 type su, domain;
9 # Domain used for su processes, as well as for adbd and adb shell
12 typeattribute su mlstrustedsubject;
14 # Add su to various domains
15 net_domain(su)
17 # grant su access to vndbinder
18 vndbinder_use(su)
20 dontaudit su self:capability_class_set *;
21 dontaudit su kernel:security *;
22 dontaudit su { kernel file_type }:system *;
[all …]
Dcameraserver.te71 allow cameraserver su:fd use;
72 allow cameraserver su:fifo_file { read write };
73 allow cameraserver su:unix_stream_socket { read write };
/system/sepolicy/prebuilts/api/27.0/public/
Dsu.te3 type su, domain;
9 # Domain used for su processes, as well as for adbd and adb shell
12 typeattribute su mlstrustedsubject;
14 # Add su to various domains
15 net_domain(su)
17 # grant su access to vndbinder
18 vndbinder_use(su)
20 dontaudit su self:capability_class_set *;
21 dontaudit su kernel:security *;
22 dontaudit su kernel:system *;
[all …]
/system/sepolicy/prebuilts/api/26.0/public/
Dsu.te3 type su, domain;
9 # Domain used for su processes, as well as for adbd and adb shell
12 typeattribute su mlstrustedsubject;
14 # Add su to various domains
15 net_domain(su)
17 # grant su access to vndbinder
18 vndbinder_use(su)
20 dontaudit su self:capability_class_set *;
21 dontaudit su kernel:security *;
22 dontaudit su kernel:system *;
[all …]
/system/sepolicy/prebuilts/api/27.0/private/
Dsu.te2 typeattribute su coredomain;
4 domain_auto_trans(shell, su_exec, su)
5 # Allow dumpstate to call su on userdebug / eng builds to collect
7 domain_auto_trans(dumpstate, su_exec, su)
9 # Make sure that dumpstate runs the same from the "su" domain as
11 domain_auto_trans(su, dumpstate_exec, dumpstate)
14 domain_auto_trans(su, incident_exec, incident)
16 # su is also permissive to permit setenforce.
17 permissive su;
19 app_domain(su)
/system/sepolicy/prebuilts/api/26.0/private/
Dsu.te2 typeattribute su coredomain;
4 domain_auto_trans(shell, su_exec, su)
5 # Allow dumpstate to call su on userdebug / eng builds to collect
7 domain_auto_trans(dumpstate, su_exec, su)
9 # Make sure that dumpstate runs the same from the "su" domain as
11 domain_auto_trans(su, dumpstate_exec, dumpstate)
14 domain_auto_trans(su, incident_exec, incident)
16 # su is also permissive to permit setenforce.
17 permissive su;
19 app_domain(su)
/system/sepolicy/private/
Dsu.te2 typeattribute su coredomain;
4 domain_auto_trans(shell, su_exec, su)
5 # Allow dumpstate to call su on userdebug / eng builds to collect
7 domain_auto_trans(dumpstate, su_exec, su)
9 # Make sure that dumpstate runs the same from the "su" domain as
11 domain_auto_trans(su, dumpstate_exec, dumpstate)
14 domain_auto_trans(su, incident_exec, incident)
17 domain_auto_trans(su, perfetto_exec, perfetto)
19 # su is also permissive to permit setenforce.
20 permissive su;
[all …]
Dinit.te28 # allow init to execute services marked with seclabel u:r:su:s0 in userdebug/eng
29 allow init su:process transition;
30 dontaudit init su:process noatsecure;
31 allow init su:process { siginh rlimitinh };
Dperfetto.te30 allow perfetto { statsd shell su }:fd use;
31 allow perfetto { statsd shell su }:fifo_file { getattr read write };
54 # As above, when adbd is running in "su" domain (only the ioctl is denied in
56 dontauditxperm perfetto su:unix_stream_socket ioctl unpriv_tty_ioctls;
/system/sepolicy/prebuilts/api/30.0/private/
Dsu.te2 typeattribute su coredomain;
4 domain_auto_trans(shell, su_exec, su)
5 # Allow dumpstate to call su on userdebug / eng builds to collect
7 domain_auto_trans(dumpstate, su_exec, su)
9 # Make sure that dumpstate runs the same from the "su" domain as
11 domain_auto_trans(su, dumpstate_exec, dumpstate)
14 domain_auto_trans(su, incident_exec, incident)
17 domain_auto_trans(su, perfetto_exec, perfetto)
19 # su is also permissive to permit setenforce.
20 permissive su;
[all …]
Dinit.te28 # allow init to execute services marked with seclabel u:r:su:s0 in userdebug/eng
29 allow init su:process transition;
30 dontaudit init su:process noatsecure;
31 allow init su:process { siginh rlimitinh };
Dapp.te30 # Exception for the shell and su domains, can transition to runas, etc.
34 neverallow { appdomain -shell userdebug_or_eng(`-su') }
36 neverallow { appdomain -shell userdebug_or_eng(`-su') }
Dperfetto.te30 allow perfetto { statsd shell su }:fd use;
31 allow perfetto { statsd shell su }:fifo_file { getattr read write };
54 # As above, when adbd is running in "su" domain (only the ioctl is denied in
56 dontauditxperm perfetto su:unix_stream_socket ioctl unpriv_tty_ioctls;
/system/sepolicy/prebuilts/api/29.0/private/
Dsu.te2 typeattribute su coredomain;
4 domain_auto_trans(shell, su_exec, su)
5 # Allow dumpstate to call su on userdebug / eng builds to collect
7 domain_auto_trans(dumpstate, su_exec, su)
9 # Make sure that dumpstate runs the same from the "su" domain as
11 domain_auto_trans(su, dumpstate_exec, dumpstate)
14 domain_auto_trans(su, incident_exec, incident)
17 domain_auto_trans(su, perfetto_exec, perfetto)
19 # su is also permissive to permit setenforce.
20 permissive su;
[all …]
Dinit.te27 # allow init to execute services marked with seclabel u:r:su:s0 in userdebug/eng
28 allow init su:process transition;
29 dontaudit init su:process noatsecure;
30 allow init su:process { siginh rlimitinh };
Dapp.te10 # Exception for the shell and su domains, can transition to runas, etc.
14 neverallow { appdomain -shell userdebug_or_eng(`-su') }
16 neverallow { appdomain -shell userdebug_or_eng(`-su') }
/system/sepolicy/prebuilts/api/28.0/private/
Dsu.te2 typeattribute su coredomain;
4 domain_auto_trans(shell, su_exec, su)
5 # Allow dumpstate to call su on userdebug / eng builds to collect
7 domain_auto_trans(dumpstate, su_exec, su)
9 # Make sure that dumpstate runs the same from the "su" domain as
11 domain_auto_trans(su, dumpstate_exec, dumpstate)
14 domain_auto_trans(su, incident_exec, incident)
17 domain_auto_trans(su, perfetto_exec, perfetto)
19 # su is also permissive to permit setenforce.
20 permissive su;
[all …]
Dperfprofd.te6 # Only servicemanager, statsd, su and systemserver can communicate.
8 neverallow perfprofd { domain userdebug_or_eng(`-servicemanager -statsd -su -system_server') }:bind…
/system/extras/su/
DAndroid.mk6 LOCAL_SRC_FILES:= su.cpp
8 LOCAL_MODULE:= su
/system/apex/tests/testdata/
Dtrigger_watchdog.rc5 exec_background u:r:su:s0 -- /system/bin/sh /system/bin/trigger_watchdog.sh
11 exec_background u:r:su:s0 -- /system/bin/sh /system/bin/trigger_reboot.sh
16 exec_background u:r:su:s0 -- /system/bin/sh /system/bin/trigger_reboot.sh

1234567