1*e4a36f41SAndroid Build Coastguard Worker### 2*e4a36f41SAndroid Build Coastguard Worker### SDK Sandbox process. 3*e4a36f41SAndroid Build Coastguard Worker### 4*e4a36f41SAndroid Build Coastguard Worker### This file defines the security policy for the sdk sandbox processes 5*e4a36f41SAndroid Build Coastguard Worker### for a test set of restrictions. These restrictions will be adapted 6*e4a36f41SAndroid Build Coastguard Worker### with modifications, into the set of restrictions for the next SDK 7*e4a36f41SAndroid Build Coastguard Worker### level. 8*e4a36f41SAndroid Build Coastguard Workertype sdk_sandbox_next, domain, coredomain, sdk_sandbox_all; 9*e4a36f41SAndroid Build Coastguard Worker 10*e4a36f41SAndroid Build Coastguard Workernet_domain(sdk_sandbox_next) 11*e4a36f41SAndroid Build Coastguard Workerapp_domain(sdk_sandbox_next) 12*e4a36f41SAndroid Build Coastguard Worker 13*e4a36f41SAndroid Build Coastguard Worker# Allow finding services. This is different from ephemeral_app policy. 14*e4a36f41SAndroid Build Coastguard Worker# Adding services manually to the allowlist is preferred hence app_api_service is not used. 15*e4a36f41SAndroid Build Coastguard Workerallow sdk_sandbox_next { 16*e4a36f41SAndroid Build Coastguard Worker activity_service 17*e4a36f41SAndroid Build Coastguard Worker activity_task_service 18*e4a36f41SAndroid Build Coastguard Worker appops_service 19*e4a36f41SAndroid Build Coastguard Worker audio_service 20*e4a36f41SAndroid Build Coastguard Worker audioserver_service 21*e4a36f41SAndroid Build Coastguard Worker batteryproperties_service 22*e4a36f41SAndroid Build Coastguard Worker batterystats_service 23*e4a36f41SAndroid Build Coastguard Worker connectivity_service 24*e4a36f41SAndroid Build Coastguard Worker connmetrics_service 25*e4a36f41SAndroid Build Coastguard Worker deviceidle_service 26*e4a36f41SAndroid Build Coastguard Worker display_service 27*e4a36f41SAndroid Build Coastguard Worker dropbox_service 28*e4a36f41SAndroid Build Coastguard Worker font_service 29*e4a36f41SAndroid Build Coastguard Worker game_service 30*e4a36f41SAndroid Build Coastguard Worker gpu_service 31*e4a36f41SAndroid Build Coastguard Worker graphicsstats_service 32*e4a36f41SAndroid Build Coastguard Worker hardware_properties_service 33*e4a36f41SAndroid Build Coastguard Worker hint_service 34*e4a36f41SAndroid Build Coastguard Worker imms_service 35*e4a36f41SAndroid Build Coastguard Worker input_method_service 36*e4a36f41SAndroid Build Coastguard Worker input_service 37*e4a36f41SAndroid Build Coastguard Worker IProxyService_service 38*e4a36f41SAndroid Build Coastguard Worker ipsec_service 39*e4a36f41SAndroid Build Coastguard Worker launcherapps_service 40*e4a36f41SAndroid Build Coastguard Worker legacy_permission_service 41*e4a36f41SAndroid Build Coastguard Worker light_service 42*e4a36f41SAndroid Build Coastguard Worker locale_service 43*e4a36f41SAndroid Build Coastguard Worker media_communication_service 44*e4a36f41SAndroid Build Coastguard Worker mediaextractor_service 45*e4a36f41SAndroid Build Coastguard Worker mediametrics_service 46*e4a36f41SAndroid Build Coastguard Worker media_projection_service 47*e4a36f41SAndroid Build Coastguard Worker media_router_service 48*e4a36f41SAndroid Build Coastguard Worker mediaserver_service 49*e4a36f41SAndroid Build Coastguard Worker media_session_service 50*e4a36f41SAndroid Build Coastguard Worker memtrackproxy_service 51*e4a36f41SAndroid Build Coastguard Worker midi_service 52*e4a36f41SAndroid Build Coastguard Worker netpolicy_service 53*e4a36f41SAndroid Build Coastguard Worker netstats_service 54*e4a36f41SAndroid Build Coastguard Worker network_management_service 55*e4a36f41SAndroid Build Coastguard Worker notification_service 56*e4a36f41SAndroid Build Coastguard Worker package_service 57*e4a36f41SAndroid Build Coastguard Worker permission_checker_service 58*e4a36f41SAndroid Build Coastguard Worker permission_service 59*e4a36f41SAndroid Build Coastguard Worker permissionmgr_service 60*e4a36f41SAndroid Build Coastguard Worker platform_compat_service 61*e4a36f41SAndroid Build Coastguard Worker power_service 62*e4a36f41SAndroid Build Coastguard Worker procstats_service 63*e4a36f41SAndroid Build Coastguard Worker registry_service 64*e4a36f41SAndroid Build Coastguard Worker restrictions_service 65*e4a36f41SAndroid Build Coastguard Worker rttmanager_service 66*e4a36f41SAndroid Build Coastguard Worker search_service 67*e4a36f41SAndroid Build Coastguard Worker selection_toolbar_service 68*e4a36f41SAndroid Build Coastguard Worker sensor_privacy_service 69*e4a36f41SAndroid Build Coastguard Worker sensorservice_service 70*e4a36f41SAndroid Build Coastguard Worker servicediscovery_service 71*e4a36f41SAndroid Build Coastguard Worker settings_service 72*e4a36f41SAndroid Build Coastguard Worker speech_recognition_service 73*e4a36f41SAndroid Build Coastguard Worker statusbar_service 74*e4a36f41SAndroid Build Coastguard Worker storagestats_service 75*e4a36f41SAndroid Build Coastguard Worker surfaceflinger_service 76*e4a36f41SAndroid Build Coastguard Worker telecom_service 77*e4a36f41SAndroid Build Coastguard Worker tethering_service 78*e4a36f41SAndroid Build Coastguard Worker textclassification_service 79*e4a36f41SAndroid Build Coastguard Worker textservices_service 80*e4a36f41SAndroid Build Coastguard Worker texttospeech_service 81*e4a36f41SAndroid Build Coastguard Worker thermal_service 82*e4a36f41SAndroid Build Coastguard Worker translation_service 83*e4a36f41SAndroid Build Coastguard Worker tv_iapp_service 84*e4a36f41SAndroid Build Coastguard Worker tv_input_service 85*e4a36f41SAndroid Build Coastguard Worker uimode_service 86*e4a36f41SAndroid Build Coastguard Worker vcn_management_service 87*e4a36f41SAndroid Build Coastguard Worker webviewupdate_service 88*e4a36f41SAndroid Build Coastguard Worker}:service_manager find; 89*e4a36f41SAndroid Build Coastguard Worker 90