Gitiles
Code Review Sign In
LeafOS / LeafOS-Project / android_system_sepolicy / 4738b93db250175f0915cee2f08ab01aaf8d28f9
commit4738b93db250175f0915cee2f08ab01aaf8d28f9[log] [tgz]
authorNick Kralevich <nnk@google.com>Mon Aug 06 14:48:53 2018 -0700
committerNick Kralevich <nnk@google.com>Mon Aug 06 14:49:45 2018 -0700
tree377b414a792464841021232cff0c2dd2355cff17
parent41b21ee96a94e286e6c308ff03c49b0f14d66e99 [diff]
auditallow app_data_file execute

Executing files from an application home directory violates
W^X (https://en.wikipedia.org/wiki/W%5EX) constraints (loading executable code
from a writable file) and is an unsafe application behavior. Test to see if we
can get rid of it and establish some baseline metrics.

Test: device boots and no obvious problems.
Change-Id: I756c281fcbf750821307327642cc0d06605951b0
2 files changed
tree: 377b414a792464841021232cff0c2dd2355cff17
  1. build/
  2. prebuilts/
  3. private/
  4. public/
  5. reqd_mask/
  6. tests/
  7. tools/
  8. vendor/
  9. Android.bp
  10. Android.mk
  11. CleanSpec.mk
  12. definitions.mk
  13. MODULE_LICENSE_PUBLIC_DOMAIN
  14. NOTICE
  15. OWNERS
  16. PREUPLOAD.cfg
  17. README
  18. treble_sepolicy_tests_for_release.mk