| # ============================================== |
| # Policy File of /system/bin/statusd Executable File |
| |
| type statusd_exec, exec_type, file_type; |
| type statusd, domain; |
| |
| # permissive statusd; |
| |
| init_daemon_domain(statusd) |
| |
| allow statusd block_device:dir search; |
| allow statusd ctl_pppd_via_prop:property_service set; |
| allow statusd flashlessd_exec:file { read execute open execute_no_trans }; |
| allow statusd init:unix_stream_socket connectto; |
| allow statusd mtk_md_prop:property_service set; |
| allow statusd net_cdma_mdmstat:property_service set; |
| allow statusd net_radio_prop:property_service set; |
| allow statusd nvram_data_file:dir { search add_name write remove_name read open}; |
| allow statusd nvram_data_file:file { create write open read getattr setattr}; |
| allow statusd nvram_data_file:lnk_file { read}; |
| allow statusd nvdata_file:dir { search add_name write remove_name read open}; |
| allow statusd nvdata_file:file { create write open read getattr setattr}; |
| allow statusd nvram_device:blk_file { read write open }; |
| allow statusd mmcblk0_block_device:blk_file { read write open }; |
| allow statusd nvdata_device:blk_file { read write open }; |
| allow statusd property_socket:sock_file write; |
| allow statusd radio_prop:property_service set; |
| allow statusd ril_cdma_report_prop:property_service set; |
| allow statusd self:capability net_admin; |
| allow statusd self:udp_socket { create ioctl }; |
| allow statusd statusd_socket:sock_file { write setattr }; |
| allow statusd sysfs_wake_lock:file { read write open }; |
| allow statusd system_data_file:dir { write add_name }; |
| allow statusd system_data_file:sock_file { write create setattr }; |
| allow statusd c2k_file:dir create_dir_perms; |
| allow statusd c2k_file:file create_file_perms; |
| allow statusd system_file:file execute_no_trans; |
| allow statusd ttyMT_device:chr_file { read write ioctl open }; |
| allow statusd ttySDIO_device:chr_file { read write open setattr ioctl}; |
| allow statusd viarild_exec:file { read execute open execute_no_trans }; |
| allow statusd vmodem_device:chr_file { read write open setattr ioctl}; |
| |
| # property service |
| allow statusd system_prop:property_service set; |
| allow statusd system_radio_prop:property_service set; |
| allow statusd persist_ril_prop:property_service set; |
| allow statusd ril_mux_report_case_prop:property_service set; |
| allow statusd cdma_prop:property_service set; |
| auditallow statusd net_radio_prop:property_service set; |
| auditallow statusd system_radio_prop:property_service set; |
| |
| #Search permission for findPidByName |
| allow statusd domain:dir search; |