Skip to content

Tighten sepolicy service exposure for openphone_agent/context/assistant_data #78

Description

@adamcohenhillel

The three OpenPhone system services (openphone_agent, openphone_context, openphone_assistant_data) are labelled system_api_service in patches/system_sepolicy/0001-0003 under private/service.te. That attribute exposes the services to any system_app domain, which is slightly broader than needed — the only intended caller is the platform-signed OpenPhoneAssistant app.

Fix

  • Introduce dedicated types (e.g. openphone_service) and allow rules specific to the assistant's domain, dropping the broad system_api_service grouping.
  • Verify with sepolicy_analyze neverallow that no unintended domain retains access.

Size: S

Metadata

Metadata

Assignees

No one assigned

    Labels

    M3-upstreamM3: Upstream DurabilitysecuritySecurity-relevant issue

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions