Merge "Only allow toolbox exec where /system exec was already allowed."

2015-08-25 22:41:57 +00:00
parent a7eaf45078 75770de701
commit 36d91b5352
1 changed files with 1 additions and 0 deletions
--- a/target/board/generic/sepolicy/goldfish_setup.te
+++ b/target/board/generic/sepolicy/goldfish_setup.te
@@ -9,6 +9,7 @@ allow goldfish_setup shell_exec:file read;

 # Run ifconfig, route commands to configure interfaces and routes.
 allow goldfish_setup system_file:file execute_no_trans;
+allow goldfish_setup toolbox_exec:file rx_file_perms;
 allow goldfish_setup self:capability { net_admin net_raw };
 allow goldfish_setup self:udp_socket create_socket_perms;