I want to connect to an abstract Unix domain socket owned by rild from within my app. This fails with
With Lollipop a
fixed the permission, but no longer with Marshmallow. I still get the "avc: denied" message. When I switch SELinux temporarily to permissive I'm able to connect to the socket.
The new permission does show in supolicy --dumpav
As far as I understand it is always possible to add an SELinux permission. Was there some change in Marshmallow that breaks this rule? Am I simply doing something wrong? Or is it a bug in supolicy?
Code:
avc: denied { connectto } for pid=11492 comm=4173796E635461736B202332 path=0072736170 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:r:rild:s0 tclass=unix_stream_socket permissive=0 Code:
supolicy --live "allow untrusted_app rild unix_stream_socket { connectto }" The new permission does show in supolicy --dumpav
As far as I understand it is always possible to add an SELinux permission. Was there some change in Marshmallow that breaks this rule? Am I simply doing something wrong? Or is it a bug in supolicy?
from xda-developers http://ift.tt/1Vb6bQf
via IFTTT
No comments:
Post a Comment