Removing create/write permission from /data for all domains.
Change-Id: I5a4f66a8c29770d9bc2220a9302b8d6496f40ad5
diff --git a/apq8084/qseecomd.te b/apq8084/qseecomd.te
deleted file mode 100644
index 049367c..0000000
--- a/apq8084/qseecomd.te
+++ /dev/null
@@ -1,6 +0,0 @@
-userdebug_or_eng(`
- # Playready should be able to create/delete dir under /data/data
- # Securemm should be able to create/delete dir under /data/misc
- allow tee system_data_file:dir create_dir_perms;
- allow tee system_data_file:file create_file_perms;
-')
diff --git a/common/rild.te b/common/rild.te
index 592e80e..ab94e00 100644
--- a/common/rild.te
+++ b/common/rild.te
@@ -17,8 +17,5 @@
unix_socket_connect(rild, rild, time_daemon)
allow rild system_health_monitor_device:chr_file r_file_perms;
-allow rild system_data_file:dir w_dir_perms;
-allow rild system_data_file:file create_file_perms;
-
dontaudit rild domain:dir r_dir_perms;
r_dir_file(rild, netmgrd)
diff --git a/mpq8064/qseecomd.te b/mpq8064/qseecomd.te
deleted file mode 100644
index 049367c..0000000
--- a/mpq8064/qseecomd.te
+++ /dev/null
@@ -1,6 +0,0 @@
-userdebug_or_eng(`
- # Playready should be able to create/delete dir under /data/data
- # Securemm should be able to create/delete dir under /data/misc
- allow tee system_data_file:dir create_dir_perms;
- allow tee system_data_file:file create_file_perms;
-')
diff --git a/msm8960/qseecomd.te b/msm8960/qseecomd.te
deleted file mode 100644
index 049367c..0000000
--- a/msm8960/qseecomd.te
+++ /dev/null
@@ -1,6 +0,0 @@
-userdebug_or_eng(`
- # Playready should be able to create/delete dir under /data/data
- # Securemm should be able to create/delete dir under /data/misc
- allow tee system_data_file:dir create_dir_perms;
- allow tee system_data_file:file create_file_perms;
-')
diff --git a/msm8974/qseecomd.te b/msm8974/qseecomd.te
deleted file mode 100644
index 049367c..0000000
--- a/msm8974/qseecomd.te
+++ /dev/null
@@ -1,6 +0,0 @@
-userdebug_or_eng(`
- # Playready should be able to create/delete dir under /data/data
- # Securemm should be able to create/delete dir under /data/misc
- allow tee system_data_file:dir create_dir_perms;
- allow tee system_data_file:file create_file_perms;
-')
diff --git a/msm8x10/qseecomd.te b/msm8x10/qseecomd.te
deleted file mode 100644
index 049367c..0000000
--- a/msm8x10/qseecomd.te
+++ /dev/null
@@ -1,6 +0,0 @@
-userdebug_or_eng(`
- # Playready should be able to create/delete dir under /data/data
- # Securemm should be able to create/delete dir under /data/misc
- allow tee system_data_file:dir create_dir_perms;
- allow tee system_data_file:file create_file_perms;
-')
diff --git a/msm8x26/qseecomd.te b/msm8x26/qseecomd.te
deleted file mode 100644
index 049367c..0000000
--- a/msm8x26/qseecomd.te
+++ /dev/null
@@ -1,6 +0,0 @@
-userdebug_or_eng(`
- # Playready should be able to create/delete dir under /data/data
- # Securemm should be able to create/delete dir under /data/misc
- allow tee system_data_file:dir create_dir_perms;
- allow tee system_data_file:file create_file_perms;
-')
diff --git a/test/sectest.te b/test/sectest.te
index e248a61..2a80024 100755
--- a/test/sectest.te
+++ b/test/sectest.te
@@ -14,9 +14,4 @@
# respective directories
allow sectest data_qsee_file:dir create_dir_perms;
allow sectest data_qsee_file:file create_file_perms;
- allow sectest system_data_file:dir r_dir_perms;
-
- # Allow secure apps to access /data for older targets
- allow sectest system_data_file:dir create_dir_perms;
- allow sectest system_data_file:file create_file_perms;
')