allow oemfs:dir search

mediaserver and drmserver both have permission to read oemfs related files. However, there are no search permissions on the directory, so the files would be unreachable. Grant search permissions on the oemfs directory, so that the files within that directory can be read. Bug: 17954291 Change-Id: I9e36dc7b940bd46774753c1fa07b0f47c36ff0db
mozilla-b2g · Oct 10, 2014 · ebfd9f8 · ebfd9f8
1 parent 2380d05
commit ebfd9f8
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 0 deletions.
diff --git a/drmserver.te b/drmserver.te
@@ -48,4 +48,5 @@ allow drmserver radio_data_file:file { read getattr };
 allow drmserver drmserver_service:service_manager add;
 
 # /oem access
+allow drmserver oemfs:dir search;
 allow drmserver oemfs:file r_file_perms;
diff --git a/mediaserver.te b/mediaserver.te
@@ -81,4 +81,5 @@ allow mediaserver tee:unix_stream_socket connectto;
 allow mediaserver mediaserver_service:service_manager add;
 
 # /oem access
+allow mediaserver oemfs:dir search;
 allow mediaserver oemfs:file r_file_perms;