On Jan 18, 2016 8:58 AM, "Inamdar Sharif" <[email protected]> wrote: > > Hi Guys, > > > > While going through the policies, I came across media_rw_data_file > > > > Looking into the policies it seems that platform_app and untrusted_app has the following permission. > > allow platform_app media_rw_data_file:dir create_dir_perms; > > allow platform_app media_rw_data_file:file create_file_perms; > > > > allow untrusted_app media_rw_data_file:dir create_dir_perms; > > allow untrusted_app media_rw_data_file:file create_file_perms; > > > > But for system_app we don’t have such policies. If untrusted_app can access then system_app is much safer.
Its about least permission which does not always correlate with safe. Apparently no system apps have needed permissions there so they were not allowed to do such. > > I am not sure why we have not allowed it for system apps. Is there any specific reason?? They don't need it currently on any nexus device. However oems may have system apps that access this location, and thus their device policy takes care of it assuming no never allows are in place. > > > > Thanks. > > ________________________________ > This email message is for the sole use of the intended recipient(s) and may contain confidential information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. > ________________________________ > > _______________________________________________ > Seandroid-list mailing list > [email protected] > To unsubscribe, send email to [email protected]. > To get help, send an email containing "help" to [email protected].
_______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
