1 ### 2 ### Apps signed with the platform key. 3 ### 4 5 type platform_app, domain; 6 app_domain(platform_app) 7 # Access the network. 8 net_domain(platform_app) 9 # Access bluetooth. 10 bluetooth_domain(platform_app) 11 # Read from /data/local/tmp or /data/data/com.android.shell. 12 allow platform_app shell_data_file:dir search; 13 allow platform_app shell_data_file:file { open getattr read }; 14 # Populate /data/app/vmdl*.tmp, /data/app-private/vmdl*.tmp files 15 # created by system server. 16 allow platform_app { apk_tmp_file apk_private_tmp_file }:dir rw_dir_perms; 17 allow platform_app { apk_tmp_file apk_private_tmp_file }:file rw_file_perms; 18 allow platform_app apk_private_data_file:dir search; 19 # ASEC 20 allow platform_app asec_apk_file:dir create_dir_perms; 21 allow platform_app asec_apk_file:file create_file_perms; 22 23 # Access to /data/media. 24 allow platform_app media_rw_data_file:dir create_dir_perms; 25 allow platform_app media_rw_data_file:file create_file_perms; 26 27 # Write to /cache. 28 allow platform_app cache_file:dir create_dir_perms; 29 allow platform_app cache_file:file create_file_perms; 30
