MarcoBuster/Magisk
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
4 Commits 1 Branch 119 Tags 61 MiB
C++ 41.6%
Kotlin 40.9%
Java 11.7%
Shell 4.1%
Python 1.3%
Other 0.4%
1759add2b6
Go to file
Joshua Brindle 1759add2b6 Add permissive type support
2013-07-16 19:51:26 -04:00
Makefile initial commit 2013-06-27 21:42:09 -04:00
README.txt updates to readme 2013-06-28 11:23:25 -04:00
sepolicy-inject.c Add permissive type support 2013-07-16 19:51:26 -04:00

README.txt 

Injects allow rules into binary SELinux kernel policies

$ ./sepolicy-inject -s shell -t system -c file -p read -P sepolicy -o sepolicy2                                   
libsepol.policydb_index_others: security:  1 users, 2 roles, 518 types, 14 bools
libsepol.policydb_index_others: security: 1 sens, 1024 cats
libsepol.policydb_index_others: security:  84 classes, 4539 rules, 162 cond rules

$ sesearch -A -s shell -t system -c file sepolicy
Found 1 semantic av rules:
   allow appdomain domain : file { ioctl read getattr lock open } ; 

$ sesearch -A -s shell -t system -c file sepolicy2
Found 2 semantic av rules:
   allow shell system : file read ; 
   allow appdomain domain : file { ioctl read getattr lock open } ; 


TODO:

Insert multiple rules at the same time
Remove rules
Use attributes 
Add permissive domains