@nprofile1q... They weaken system SELinux policies for their OS changes and their vendor SELinux policies aren't as well made as Pixels. However, they'll still have these socket protections and aren't allowed to violate the standard neverallow rules which is a huge part of why Android has such extensive neverallow rules. They're partly there to stop OEM system and vendor SELinux policies from ruining the security model. Android has neverallows policies for this. Note the thread has more posts now.