SEPolicy violation for apex libc?

[Flamefire]

Getting things like this: avc: denied { execmod } for comm="com.whatsapp" path="/apex/com.android.runtime/lib64/bionic/libc.so" dev="loop3" ino=91 scontext=u:r:untrusted_app:s0:c247,c256,c512,c768 tcontext=u:object_r:system_lib_file:s0 tclass=file permissive=0 ppid=746 pcomm="main" pgid=746 pgcomm="main" app=com.whatsapp

I'd say an allow untrusted_app apex_mnt_dir:file execmod; would allow this and still be "safe".

Thoughts?

[Flamefire]

Oh wait... Why would that modify that library? O.o

So: No

[derfelot]

yeah, most apps (whatsapp in this case, but element for android does some weird things too) clearly try to access stuff that they shouldn't have acccess to. I wouldn't worry about that too much ;)