Lines Matching refs:domain
2 ### Domain for all zygote spawned apps
172 allow appdomain domain:dir { open read search getattr };
173 allow appdomain domain:{ file lnk_file } { open read getattr };
185 allow appdomain domain:process getattr;
232 domain:{
245 neverallow appdomain domain:netlink_kobject_uevent_socket { write append };
250 # Unix domain sockets.
260 neverallow appdomain { domain -appdomain }:process ptrace;
262 # Write access to /proc/pid entries for any non-app domain.
263 neverallow appdomain { domain -appdomain }:file write;
269 neverallow appdomain { domain -appdomain }:process
272 # Transition to a non-app domain.
273 # Exception for the shell domain, can transition to runas, etc.
274 neverallow { appdomain -shell } { domain -appdomain }:process
