1 # debugger interface 2 type tombstoned, domain, mlstrustedsubject; 3 type tombstoned_exec, exec_type, file_type; 4 5 # Write to arbitrary pipes given to us. 6 allow tombstoned domain:fd use; 7 allow tombstoned domain:fifo_file write; 8 9 allow tombstoned domain:dir r_dir_perms; 10 allow tombstoned domain:file r_file_perms; 11 allow tombstoned tombstone_data_file:dir rw_dir_perms; 12 allow tombstoned tombstone_data_file:file create_file_perms; 13 14 # TODO: Remove append / write permissions. They were temporarily 15 # granted due to a bug which appears to have been fixed. 16 allow tombstoned anr_data_file:file { append write }; 17 auditallow tombstoned anr_data_file:file { append write }; 18 19 # Changes for the new stack dumping mechanism. Each trace goes into a 20 # separate file, and these files are managed by tombstoned. 21 allow tombstoned anr_data_file:dir rw_dir_perms; 22 allow tombstoned anr_data_file:file { getattr open create }; 23
