From 78011e9f3ad4fda62a32c6d8a18f154a35227b1c Mon Sep 17 00:00:00 2001 From: Tri Vo Date: Fri, 15 Jul 2022 11:06:41 -0700 Subject: [PATCH] storageproxyd: Remove setuid/setgid SELinux permissions Bug: 205904330 Test: boot Change-Id: Iefecc29752781151679e9f798330a36d14447df9 --- whitechapel/vendor/google/storageproxyd.te | 1 - 1 file changed, 1 deletion(-) diff --git a/whitechapel/vendor/google/storageproxyd.te b/whitechapel/vendor/google/storageproxyd.te index ada64441..9b0289cc 100644 --- a/whitechapel/vendor/google/storageproxyd.te +++ b/whitechapel/vendor/google/storageproxyd.te @@ -11,7 +11,6 @@ allow tee mnt_vendor_file:dir r_dir_perms; allow tee tee_data_file:dir create_dir_perms; allow tee tee_data_file:lnk_file r_file_perms; allow tee sg_device:chr_file rw_file_perms; -allow tee self:capability { setgid setuid }; # Allow storageproxyd access to gsi_public_metadata_file read_fstab(tee)