On 03/21/2013 12:48 PM, William Roberts wrote:
ok, that works for me, I didn't know if it was a controllable flag through selinuxfs.
I think the only way to do that would be wrap all dontaudit statements with a conditional on a policy boolean. Then you could switch the boolean to enable/disable them.
More easily we could just have the Makefile always post-process the policy.conf to strip all dontaudit rules and generate a separate copy of the binary policy. Then you could easily adb push that to /data/security and reload as needed.
-- This message was distributed to subscribers of the seandroid-list mailing list. If you no longer wish to subscribe, send mail to [email protected] with the words "unsubscribe seandroid-list" without quotes as the message.
