Lines Matching refs:execute
102 allow domain system_file:file { execute read open getattr };
109 allow domain vendor_file_type:file { execute read open getattr };
118 # Everyone can read and execute all same process HALs
120 allow domain same_process_hal_file:file { execute read open getattr };
125 allow domain vndk_sp_file:file { execute read open getattr };
136 # in order to lookup vendor libraries. The execute permission
142 allow { domain -coredomain } vendor_file_type:file { read open getattr execute };
364 }:file execute;
370 } { fs_type -rootfs }:file execute;
372 …domain { cache_file cache_backup_file cache_private_backup_file cache_recovery_file }:file execute;
717 # Non-vendor domains are not allowed to file execute shell
722 } vendor_shell_exec:file { execute execute_no_trans };
724 # Do not allow vendor components to execute files from system
737 }:file { entrypoint execute execute_no_trans };
812 # Nobody should be able to execute su on user builds.
814 # su itself execute su.
990 neverallow * domain:file { execute execute_no_trans entrypoint };