Lines Matching refs:untrusted

2 ### neverallow rules for untrusted app domains
25 # Do not allow untrusted apps to register services.
30 # Do not allow untrusted apps to use VendorBinder
34 # Do not allow untrusted apps to connect to the property service
41 # but otherwise disallow untrusted apps from reading this property.
44 # Do not allow untrusted apps to be assigned mlstrustedsubject.
51 # and an untrusted app is allowed fork permission to itself.
54 # Do not allow untrusted apps to hard link to any files.
55 # In particular, if an untrusted app links to other app data
58 # bugs, so we want to ensure untrusted apps never have this
62 # Do not allow untrusted apps to access network MAC address file
85 # Do not allow untrusted apps access to /cache
89 # Do not allow untrusted apps to create/unlink files outside of its sandbox,
108 # No untrusted component should be touching /dev/fuse
111 # Do not allow untrusted apps to directly open tun_device
139 # Do not allow untrusted apps access to preloads data files
146 # Do not permit untrusted apps to perform actions on HwBinder service_manager
242 # SELinux is not an API for untrusted apps to use