William Roberts wrote:
On Tue, Jan 15, 2013 at 6:06 PM, Joshua Brindle<[email protected]> wrote:
William Roberts wrote:
In watchdog.te their is:
# because of /dev/__kmsg__ and /dev/__null__
allow watchdogd device:chr_file create_file_perms;
Would a dynamic type transition not work for this?
Transitions are only hints, you still need full privileges to create the
file type and write to the directory or the type transition will fail.
But would it avoid read/write on device:file?
Oops, missed that that was actually the question. If Robert is right and
they are transient it might be fine to label them watchdog_device and if
they get leaked somehow the next process won't be able to open them.
--
This message was distributed to subscribers of the seandroid-list mailing list.
If you no longer wish to subscribe, send mail to [email protected] with
the words "unsubscribe seandroid-list" without quotes as the message.
