1# rules removed from the domain attribute
2
3# Read files already opened under /data.
4allow domain_deprecated system_data_file:file { getattr read };
5allow domain_deprecated system_data_file:lnk_file r_file_perms;
6
7# Read apk files under /data/app.
8allow domain_deprecated apk_data_file:dir { getattr search };
9allow domain_deprecated apk_data_file:file r_file_perms;
10allow domain_deprecated apk_data_file:lnk_file r_file_perms;
11
12# Read access to pseudo filesystems.
13r_dir_file(domain_deprecated, proc)
14r_dir_file(domain_deprecated, sysfs)
15