Home | History | Annotate | Download | only in sepolicy 
      1 # debugger interface
      2 type debuggerd, domain;
      3 type debuggerd_exec, exec_type, file_type;
      4 
      5 init_daemon_domain(debuggerd)
      6 typeattribute debuggerd mlstrustedsubject;
      7 allow debuggerd self:capability { dac_override sys_ptrace chown kill };
      8 allow debuggerd domain:dir r_dir_perms;
      9 allow debuggerd domain:file r_file_perms;
     10 allow debuggerd domain:process ptrace;
     11 allow debuggerd tombstone_data_file:dir create_dir_perms;
     12 allow debuggerd tombstone_data_file:file create_file_perms;
     13 allow debuggerd domain:process { sigstop signal };
     14 allow debuggerd exec_type:file r_file_perms;
     15 allow debuggerd log_device:chr_file r_file_perms;
     16