- typeattribute recovery_persist coredomain;
- init_daemon_domain(recovery_persist)
- # recovery_persist is not allowed to write anywhere other than recovery_data_file
- neverallow recovery_persist {
- file_type
- -recovery_data_file
- userdebug_or_eng(`-coredump_file')
- with_native_coverage(`-method_trace_data_file')
- }:file write;
|
