TheArchive/Magisk
1
0
Fork 0
mirror of https://github.com/topjohnwu/Magisk.git synced 2025-04-22 20:21:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

add permissive domain to README

Browse Source
This commit is contained in:
Joshua Brindle 2013-07-16 22:10:12 -04:00
parent 1759add2b6
commit 34d8165edd
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
README.txt
View File

@ -1,5 +1,6 @@
Injects allow rules into binary SELinux kernel policies Injects allow rules into binary SELinux kernel policies
Injecting a rule:
$ ./sepolicy-inject -s shell -t system -c file -p read -P sepolicy -o sepolicy2 $ ./sepolicy-inject -s shell -t system -c file -p read -P sepolicy -o sepolicy2
libsepol.policydb_index_others: security: 1 users, 2 roles, 518 types, 14 bools libsepol.policydb_index_others: security: 1 users, 2 roles, 518 types, 14 bools
libsepol.policydb_index_others: security: 1 sens, 1024 cats libsepol.policydb_index_others: security: 1 sens, 1024 cats
@ -14,11 +15,19 @@ Found 2 semantic av rules:
allow shell system : file read ; allow shell system : file read ;
allow appdomain domain : file { ioctl read getattr lock open } ; allow appdomain domain : file { ioctl read getattr lock open } ;
Injecting a permissive domain:
$ ./sepolicy-inject -Z shell -P sepolicy -o sepolicy2
$ seinfo sepolicy | grep Permissive
Permissives: 0 Polcap: 2
$ seinfo sepolicy2 | grep Permissive
Permissives: 1 Polcap: 2
TODO: TODO:
Insert multiple rules at the same time Insert multiple rules at the same time
Remove rules Remove rules
Use attributes Use attributes
Add permissive domains