public/property.te - LeafOS-Project/android_system_sepolicy - Gitiles

 type audio_prop, property_type, core_property_type;
 type boottime_prop, property_type;
 type bluetooth_prop, property_type, core_property_type;
 type config_prop, property_type, core_property_type;
 type cppreopt_prop, property_type, core_property_type;
 type ctl_bootanim_prop, property_type;
 type ctl_bugreport_prop, property_type;
 type ctl_console_prop, property_type;
 type ctl_default_prop, property_type;
 type ctl_dumpstate_prop, property_type;
 type ctl_fuse_prop, property_type;
 type ctl_mdnsd_prop, property_type;
 type ctl_rildaemon_prop, property_type;
 type dalvik_prop, property_type, core_property_type;
 type debuggerd_prop, property_type, core_property_type;
 type debug_prop, property_type, core_property_type;
 type default_prop, property_type, core_property_type;
 type device_logging_prop, property_type;
 type dhcp_prop, property_type, core_property_type;
 type dumpstate_options_prop, property_type;
 type dumpstate_prop, property_type, core_property_type;
 type ffs_prop, property_type, core_property_type;
 type fingerprint_prop, property_type, core_property_type;
 type hwservicemanager_prop, property_type;
 type logd_prop, property_type, core_property_type;
 type logpersistd_logging_prop, property_type;
 type log_prop, property_type, log_property_type;
 type log_tag_prop, property_type, log_property_type;
 type mmc_prop, property_type;
 type net_radio_prop, property_type, core_property_type;
 type nfc_prop, property_type, core_property_type;
 type overlay_prop, property_type;
 type pan_result_prop, property_type, core_property_type;
 type persist_debug_prop, property_type, core_property_type;
 type powerctl_prop, property_type, core_property_type;
 type radio_prop, property_type, core_property_type;
 type restorecon_prop, property_type, core_property_type;
 type safemode_prop, property_type;
 type serialno_prop, property_type;
 type shell_prop, property_type, core_property_type;
 type system_prop, property_type, core_property_type;
 type system_radio_prop, property_type, core_property_type;
 type vold_prop, property_type, core_property_type;
 type wifi_log_prop, property_type, log_property_type;
 type wifi_prop, property_type;

 allow property_type tmpfs:filesystem associate;

 ###
 ### Neverallow rules
 ###

 # core_property_type should not be used for new properties or
 # device specific properties. Properties with this attribute
 # are readable to everyone, which is overly broad and should
 # be avoided.
 # New properties should have appropriate read / write access
 # control rules written.

 neverallow * {
   core_property_type
   -audio_prop
   -bluetooth_prop
   -config_prop
   -cppreopt_prop
   -dalvik_prop
   -debuggerd_prop
   -debug_prop
   -default_prop
   -dhcp_prop
   -dumpstate_prop
   -ffs_prop
   -fingerprint_prop
   -logd_prop
   -net_radio_prop
   -nfc_prop
   -pan_result_prop
   -persist_debug_prop
   -powerctl_prop
   -radio_prop
   -restorecon_prop
   -shell_prop
   -system_prop
   -system_radio_prop
   -vold_prop
 }:file no_rw_file_perms;
	type audio_prop, property_type, core_property_type;
	type boottime_prop, property_type;
	type bluetooth_prop, property_type, core_property_type;
	type config_prop, property_type, core_property_type;
	type cppreopt_prop, property_type, core_property_type;
	type ctl_bootanim_prop, property_type;
	type ctl_bugreport_prop, property_type;
	type ctl_console_prop, property_type;
	type ctl_default_prop, property_type;
	type ctl_dumpstate_prop, property_type;
	type ctl_fuse_prop, property_type;
	type ctl_mdnsd_prop, property_type;
	type ctl_rildaemon_prop, property_type;
	type dalvik_prop, property_type, core_property_type;
	type debuggerd_prop, property_type, core_property_type;
	type debug_prop, property_type, core_property_type;
	type default_prop, property_type, core_property_type;
	type device_logging_prop, property_type;
	type dhcp_prop, property_type, core_property_type;
	type dumpstate_options_prop, property_type;
	type dumpstate_prop, property_type, core_property_type;
	type ffs_prop, property_type, core_property_type;
	type fingerprint_prop, property_type, core_property_type;
	type hwservicemanager_prop, property_type;
	type logd_prop, property_type, core_property_type;
	type logpersistd_logging_prop, property_type;
	type log_prop, property_type, log_property_type;
	type log_tag_prop, property_type, log_property_type;
	type mmc_prop, property_type;
	type net_radio_prop, property_type, core_property_type;
	type nfc_prop, property_type, core_property_type;
	type overlay_prop, property_type;
	type pan_result_prop, property_type, core_property_type;
	type persist_debug_prop, property_type, core_property_type;
	type powerctl_prop, property_type, core_property_type;
	type radio_prop, property_type, core_property_type;
	type restorecon_prop, property_type, core_property_type;
	type safemode_prop, property_type;
	type serialno_prop, property_type;
	type shell_prop, property_type, core_property_type;
	type system_prop, property_type, core_property_type;
	type system_radio_prop, property_type, core_property_type;
	type vold_prop, property_type, core_property_type;
	type wifi_log_prop, property_type, log_property_type;
	type wifi_prop, property_type;

	allow property_type tmpfs:filesystem associate;

	###
	### Neverallow rules
	###

	# core_property_type should not be used for new properties or
	# device specific properties. Properties with this attribute
	# are readable to everyone, which is overly broad and should
	# be avoided.
	# New properties should have appropriate read / write access
	# control rules written.

	neverallow * {
	core_property_type
	-audio_prop
	-bluetooth_prop
	-config_prop
	-cppreopt_prop
	-dalvik_prop
	-debuggerd_prop
	-debug_prop
	-default_prop
	-dhcp_prop
	-dumpstate_prop
	-ffs_prop
	-fingerprint_prop
	-logd_prop
	-net_radio_prop
	-nfc_prop
	-pan_result_prop
	-persist_debug_prop
	-powerctl_prop
	-radio_prop
	-restorecon_prop
	-shell_prop
	-system_prop
	-system_radio_prop
	-vold_prop
	}:file no_rw_file_perms;