type wephone_exec, exec_type, file_type;

domain_auto_trans(init, wephone_exec);

allow { appdomain shell } wephone_exec:file { getattr read open execute execute_no_trans };