# MLS override can't be used to access private app data.

# Apps should not normally be mlstrustedsubject, but if they must be
# they cannot use this to access app private data files; their own app
# data files must use a different label.

# "~{ ... }" is the complement of the listed set: every file permission
# outside it (for example open, create, unlink) is forbidden.
neverallow {
  mlstrustedsubject
  -artd # compile secondary dex files
  -installd
} { app_data_file privapp_data_file }:file ~{ read write map getattr ioctl lock append };

# Same for directories: nothing beyond read, getattr and search may be
# granted.
neverallow {
  mlstrustedsubject
  -artd # compile secondary dex files
  -installd
} { app_data_file privapp_data_file }:dir ~{ read getattr search };

# Even read, getattr and search on these directories are limited to the
# domains excluded below.
neverallow {
  mlstrustedsubject
  -artd # compile secondary dex files
  -installd
  -system_server
  -adbd
  -runas
  -zygote
} { app_data_file privapp_data_file }:dir { read getattr search };