Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 17bec835 authored by Stephen Smalley's avatar Stephen Smalley
Browse files

Do not change ownership on /sys/fs/selinux/enforce. 



There is no longer any reason to permit system UID to set enforcing mode.

Change-Id: Ie28beed1ca2b215c71f2847e2390cee1af1713c3
Signed-off-by: default avatarStephen Smalley <sds@tycho.nsa.gov>
parent 48a6d3de

rootdir/init.rc

+0 −3
Original line number Diff line number Diff line
@@ -356,9 +356,6 @@ on boot 
    chown system system /sys/kernel/ipv4/tcp_rmem_max

    chown root radio /proc/cmdline



# Set these so we can remotely update SELinux policy

    chown system system /sys/fs/selinux/enforce



# Define TCP buffer sizes for various networks

#   ReadMin, ReadInitial, ReadMax, WriteMin, WriteInitial, WriteMax,

    setprop net.tcp.buffersize.default  4096,87380,110208,4096,16384,110208