###
### Untrusted apps.
###
### This file defines the rules for untrusted apps.
### Apps are labeled based on mac_permissions.xml (maps signer and
### optionally package name to seinfo value) and seapp_contexts (maps UID
### and optionally seinfo value to domain for process and type for data
### directory). The untrusted_app domain is the default assignment in
### seapp_contexts for any app with UID between APP_AID (10000)
### and AID_ISOLATED_START (99000) if the app has no specific seinfo
### value as determined from mac_permissions.xml. In current AOSP, this
### domain is assigned to all non-system apps as well as to any system apps
### that are not signed by the platform key. To move
### a system app into a specific domain, add a signer entry for it to
### mac_permissions.xml and assign it one of the pre-existing seinfo values
### or define and use a new seinfo value in both mac_permissions.xml and
### seapp_contexts.
###

typeattribute untrusted_app coredomain;

app_domain(untrusted_app)
untrusted_app_domain(untrusted_app)
net_domain(untrusted_app)
bluetooth_domain(untrusted_app)

# allow untrusted apps to use UDP sockets provided by the system server but not
# modify them other than to connect
allow untrusted_app system_server:udp_socket { connect getattr read recvfrom sendto write };

# Allow the allocation and use of ptys
# Used by: https://play.google.com/store/apps/details?id=jackpal.androidterm
create_pty(untrusted_app)

neverallow untrusted_app system_server:udp_socket {
	accept append bind create getopt ioctl listen lock name_bind
	relabelfrom relabelto setattr setopt shutdown };
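The two-step labeling the header comment describes (signer -> seinfo via mac_permissions.xml, then UID plus seinfo -> domain via seapp_contexts, with untrusted_app as the fallback for the 10000..99000 range) as an added example; this is a deliberately simplified model written for this page, not AOSP or libselinux code, and the certificate digest, the seapp_contexts entries and the seinfo/domain names it uses are constructed or assumed.

```python
# Added example, not from AOSP: a simplified model of how an app process is
# assigned its SELinux domain, following the header comment's two-step lookup.
# The matching rule below is a simplification of libselinux's seapp_contexts
# handling, not a port of it.

APP_AID = 10000             # first normal app UID (from the header comment)
AID_ISOLATED_START = 99000  # first isolated-process UID; app range ends here

# Constructed mac_permissions.xml-style mapping: signer digest -> seinfo.
# A real file carries full certificate hex; this digest is a placeholder.
MAC_PERMISSIONS = {
    "PLATFORM_CERT_PLACEHOLDER": "platform",
}

# Constructed seapp_contexts-style entries in the file's key=value syntax.
SEAPP_CONTEXTS = """
user=_app domain=untrusted_app type=app_data_file levelFrom=user
user=_app seinfo=platform domain=platform_app type=app_data_file
user=_isolated domain=isolated_app levelFrom=user
"""


def parse_seapp_contexts(text):
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        entries.append(dict(kv.split("=", 1) for kv in line.split()))
    return entries


def seinfo_for(cert_digest):
    """Step 1: signer -> seinfo. Unknown signers get no seinfo (None)."""
    return MAC_PERMISSIONS.get(cert_digest)


def domain_for(uid, seinfo):
    """Step 2: (uid, seinfo) -> domain. An entry carrying seinfo= matches only
    when the app's seinfo equals it, and such an entry beats the generic one."""
    if uid < APP_AID:
        return None  # system UID below the app range: no app domain assigned
    user = "_isolated" if uid >= AID_ISOLATED_START else "_app"
    best = None
    for e in parse_seapp_contexts(SEAPP_CONTEXTS):
        if e.get("user") != user:
            continue
        if "seinfo" in e and e["seinfo"] != seinfo:
            continue
        if best is None or ("seinfo" in e and "seinfo" not in best):
            best = e
    return best["domain"] if best else None


def label_app(uid, cert_digest):
    return domain_for(uid, seinfo_for(cert_digest))
```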