Do not change ownership on /sys/fs/selinux/enforce.
There is no longer any reason to permit system UID to set enforcing mode. Change-Id: Ie28beed1ca2b215c71f2847e2390cee1af1713c3 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
This commit is contained in:
Stephen Smalley
parent
48a6d3de59
commit
17bec835d5
1 changed files with 0 additions and 3 deletions
|
|
@ -356,9 +356,6 @@ on boot
|
|||
chown system system /sys/kernel/ipv4/tcp_rmem_max
|
||||
chown root radio /proc/cmdline
|
||||
|
||||
# Set these so we can remotely update SELinux policy
|
||||
chown system system /sys/fs/selinux/enforce
|
||||
|
||||
# Define TCP buffer sizes for various networks
|
||||
# ReadMin, ReadInitial, ReadMax, WriteMin, WriteInitial, WriteMax,
|
||||
setprop net.tcp.buffersize.default 4096,87380,110208,4096,16384,110208
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue