We have a boolean that does this feature at the package installation phase.
If you set persist.mac_applyNameTypes to true, a type that is the same as the package name will be added to the list of types. If you set persist.mac_applePermTypes to true, for each permission, a type that is the same as that permission wil be added to the list of types. This code is in frameworks/base/core/java/android/content/pm/MMACtypes.java getTypes(). On Fri, Jan 4, 2013 at 8:00 AM, Peck, Michael A <[email protected]> wrote: > It looks like Intent MAC is currently only working when the policy’s > source or destination (in intent_mac.xml) is a package type, and not > working when the policy’s source or destination is a package name. I > assume you want package names to work too since intent_mac.xml uses them.* > *** > > ** ** > > The following code stuffs the package name in along with the package types > that are being compared to the policies and appears to fix the problem.*** > * > > ** ** > > diff --git > a/services/java/com/android/server/pm/PackageManagerService.java > b/services/java/com/android/server/pm/PackageManagerService.java**** > > index 7b6142c..2e6e31d 100644**** > > --- a/services/java/com/android/server/pm/PackageManagerService.java**** > > +++ b/services/java/com/android/server/pm/PackageManagerService.java**** > > @@ -2735,9 +2735,11 @@ public class PackageManagerService extends > IPackageManager.Stub {**** > > PackageParser.Package pkg = mPackages.get(pkgName);**** > > callingPkgs.add(pkg);**** > > callingTypes.addAll(getMMACtypesForPackage(pkgName));**** > > + callingTypes.add(pkgName);**** > > }**** > > ** ** > > - Set<String> dstTypes = dstPkg.applicationInfo.mmacTypes;**** > > + Set<String> dstTypes = new > HashSet<String>(dstPkg.applicationInfo.mmacTypes);**** > > + dstTypes.add(dstPkg.packageName);**** > > ** ** > > if (IntentMAC.DEBUG_ICC) {**** > > Slog.v("SELINUX_MMAC", callingPkgs+"{"+callingTypes+"} => "+* > *** > > ** ** >
