summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--selinux/gpsd.te2
-rw-r--r--selinux/rild.te2
-rw-r--r--selinux/system_server.te2
3 files changed, 3 insertions, 3 deletions
diff --git a/selinux/gpsd.te b/selinux/gpsd.te
index d58665e..8eca21c 100644
--- a/selinux/gpsd.te
+++ b/selinux/gpsd.te
@@ -3,7 +3,7 @@ allow gpsd rild:unix_stream_socket connectto;
allow gpsd system_data_file:fifo_file { create read write setattr open };
allow gpsd servicemanager:binder call;
allow gpsd sysfs_wake_lock:file { read write open };
-allow gpsd system_data_file:file { create read write setattr open };
+allow gpsd system_data_file:file { read open };
allow gpsd system_data_file:dir { read write setattr open add_name };
allow gpsd system_server:binder call;
allow gpsd system_server:unix_stream_socket { read write };
diff --git a/selinux/rild.te b/selinux/rild.te
index 1df1a78..3339eaf 100644
--- a/selinux/rild.te
+++ b/selinux/rild.te
@@ -11,4 +11,4 @@ allow rild efs_block_device:blk_file rw_file_perms;
allow rild efs_file:file { read open write setattr };
allow rild efs_device_file:dir create_dir_perms;
-allow rild efs_device_file:file { setattr create rw_file_perms link_file_perms };
+allow rild efs_device_file:file { setattr create create_file_perms };
diff --git a/selinux/system_server.te b/selinux/system_server.te
index a6b65ce..28085f4 100644
--- a/selinux/system_server.te
+++ b/selinux/system_server.te
@@ -14,7 +14,7 @@ allow system_server uhid_device:chr_file { read ioctl write open };
# /efs/wifi/.mac.info
allow system_server wifi_data_file:file { read open };
-allow system_server default_prop:property_service set;
+#allow system_server default_prop:property_service set;
allow system_server gpsd:binder transfer;
type_transition system_server system_data_file:fifo_file gps_data_file ".gps.interface.pipe.to_jni";