Commits

Anonymous committed a247705

Permit writing to /dev/random and /dev/urandom.

Apps attempting to write to /dev/random or /dev/urandom currently
succeed, but a policy violation is logged. These two Linux RNG
devices are meant to be written to by arbitrary apps. Thus, there's
no reason to deny this capability.

Bug: 10679705

Change-Id: Ife401f1dd2182889471eef7e90fcc92e96f9c4d6

Comments (0)

Files changed (1)

 allow domain log_device:chr_file rw_file_perms;
 allow domain nv_device:chr_file rw_file_perms;
 allow domain alarm_device:chr_file r_file_perms;
-allow domain urandom_device:chr_file r_file_perms;
-allow domain random_device:chr_file r_file_perms;
+allow domain urandom_device:chr_file rw_file_perms;
+allow domain random_device:chr_file rw_file_perms;
 allow domain properties_device:file r_file_perms;
 
 # Filesystem accesses.