summaryrefslogtreecommitdiffstats
path: root/sepolicy/su.te
diff options
context:
space:
mode:
Diffstat (limited to 'sepolicy/su.te')
-rw-r--r--sepolicy/su.te4
1 files changed, 3 insertions, 1 deletions
diff --git a/sepolicy/su.te b/sepolicy/su.te
index 9b7d098..4e34dc9 100644
--- a/sepolicy/su.te
+++ b/sepolicy/su.te
@@ -1,10 +1,12 @@
-type superuser_device, file_type;
+type superuser_device, file_type, mlstrustedobject;
## Perms for the daemon
userdebug_or_eng(`
domain_trans(init, su_exec, sudaemon)
+ typeattribute sudaemon domain, mlstrustedsubject;
+
type_transition sudaemon socket_device:sock_file superuser_device;
# The userspace app uses /dev sockets to control per-app access
allow sudaemon superuser_device:dir { create rw_dir_perms setattr unlink };
generated by cgit v1.1 at 2024-06-17 10:29:35 +0000