I have an application signed with the platform keys and want to access a file, e.g. /system/myfile.txt. Does a system app have permission to read and write in the /system/ directory?
No app or service should be able to write to /system, as it is read-only.
You can check SELinux policies with the sepolicy-check tool.
. build/envsetup.sh
lunch
m sepolicy-check
# Check whether system_app can read system_file.
sepolicy-check -s system_app -t system_file -c file -p read -P $OUT/root/sepolicy; echo $?
# Check whether system_app can write system_file.
sepolicy-check -s system_app -t system_file -c file -p write -P $OUT/root/sepolicy; echo $?
The read check prints a Match found! message and returns 1. The write check only returns 0, indicating that the allow rule was not found. Since SELinux will only allow what is explicitly allowed in a rule, writing to /system is forbidden for system apps.
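
The default-deny reasoning above, as an added example that is not part of the original answer: a shell function that looks for an allow rule granting one permission in a constructed set of text rules. The rules, `SAMPLE_RULES` and `is_allowed` are assumptions for illustration; the function returns 0 when a rule grants the permission, and it matches literal type names only, with no attribute or macro expansion.

```shell
#!/bin/sh
# Added example: default-deny lookup over allow rules in text form.
# SAMPLE_RULES is constructed for illustration; it is not copied from AOSP policy.
SAMPLE_RULES='
allow system_app system_file:file { read open getattr };
allow system_app system_app_data_file:file { read write create };
allow untrusted_app system_file:file read;
'

# is_allowed SOURCE TARGET CLASS PERM   (hypothetical helper)
# Returns 0 if some allow rule grants PERM, 1 otherwise.
# Nothing is granted unless a rule says so, so "no match" means denied.
is_allowed() {
    printf '%s\n' "$SAMPLE_RULES" | awk -v s="$1" -v t="$2" -v c="$3" -v p="$4" '
        $1 == "allow" && $2 == s && $3 == (t ":" c) {
            # Collect the permission list, dropping braces and the semicolon.
            perms = ""
            for (i = 4; i <= NF; i++) perms = perms " " $i
            gsub(/[{};]/, " ", perms)
            n = split(perms, list, " ")
            for (i = 1; i <= n; i++) if (list[i] == p) found = 1
        }
        END { exit(found ? 0 : 1) }
    '
}

# The same two questions the answer asks, against the constructed rules.
for perm in read write; do
    if is_allowed system_app system_file file "$perm"; then
        echo "system_app -> system_file:file $perm: allowed"
    else
        echo "system_app -> system_file:file $perm: denied (no matching allow rule)"
    fi
done
```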