Expand bluetooth access to media_rw_data_file for now.

With sdcardfs, we no longer have a separate sdcardd acting as an intermediate between the outside world and /data/media. Unless we modify sdcardfs to change contexts, we need these. Remove this patch if sdcardfs is updated to change the secontext of fs accesses. Bug: 28040634 Change-Id: I492c87e9f232c57f43abd09b7864b52847bc3555
ResurrectionRemix · Apr 6, 2016 · 4a0c803 · 4a0c803
1 parent 75b25dd
commit 4a0c803
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/bluetooth.te b/bluetooth.te
@@ -57,7 +57,8 @@ allow bluetooth shell_data_file:file read;
 # Access to /data/media.
 # This should be removed if sdcardfs is modified to alter the secontext for its
 # accesses to the underlying FS.
-allow bluetooth media_rw_data_file:dir search;
+allow bluetooth media_rw_data_file:dir create_dir_perms;
+allow bluetooth media_rw_data_file:file create_file_perms;
 
 ###
 ### Neverallow rules