1### 2### Ephemeral apps. 3### 4### This file defines the security policy for apps with the ephemeral 5### feature. 6### 7### The ephemeral_app domain is a reduced permissions sandbox allowing 8### ephemeral applications to be safely installed and run. Non ephemeral 9### applications may also opt-in to ephemeral to take advantage of the 10### additional security features. 11### 12### PackageManager flags an app as ephemeral at install time. 13 14type ephemeral_app, domain; 15 16# system/sepolicy/public is for vendor-facing type and attribute definitions. 17# DO NOT ADD allow, neverallow, or dontaudit statements here. 18# Instead, add such policy rules to system/sepolicy/private/*.te. 19