diff --git a/sepolicy/ohos_policy/filemanagement/userfile_manager/system/medialibrary_hap.te b/sepolicy/ohos_policy/filemanagement/userfile_manager/system/medialibrary_hap.te
new file mode 100644
index 0000000000000000000000000000000000000000..edfcb9277912232d63a948e163f0b50f679e8f83
--- /dev/null
+++ b/sepolicy/ohos_policy/filemanagement/userfile_manager/system/medialibrary_hap.te
@@ -0,0 +1,20 @@
+# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+type medialibrary_hap, normal_hap_attr, hap_domain, domain;
+
+type medialibrary_hap_data_file, normal_hap_data_file_attr, hap_file_attr, data_file_attr, file_attr;
+
+allow medialibrary_hap mimetype_file:file { open read getattr };
+allow medialibrary_hap privacy_service:binder call;
+allow medialibrary_hap distributedfiledaemon:binder transfer;
diff --git a/sepolicy/ohos_policy/filemanagement/userfile_manager/system/normal_hap.te b/sepolicy/ohos_policy/filemanagement/userfile_manager/system/normal_hap.te
index 0ed34230bcf2a5849815f8ab3275a8fa167386e9..51f52eff4aaa9e4785e03e0db27b6989c72f5039 100644
--- a/sepolicy/ohos_policy/filemanagement/userfile_manager/system/normal_hap.te
+++ b/sepolicy/ohos_policy/filemanagement/userfile_manager/system/normal_hap.te
@@ -18,12 +18,7 @@ neverallow {
     never_execute_file
 };
 
-allow normal_hap_attr hmdfs:dir create_dir_perms;
-allow normal_hap_attr hmdfs:{file lnk_file} create_file_perms;
 allow hap_domain data_user_file:dir create_dir_perms;
 allow hap_domain data_user_file:file create_file_perms;
-allow normal_hap_attr privacy_service:binder call;
 allow hap_domain epfs:dir create_dir_perms;
 allow hap_domain epfs:{file lnk_file} create_file_perms;
-
-allow normal_hap_attr mimetype_file:file { open read getattr };
diff --git a/sepolicy/ohos_policy/filemanagement/userfile_manager/system/sehap_contexts b/sepolicy/ohos_policy/filemanagement/userfile_manager/system/sehap_contexts
new file mode 100644
index 0000000000000000000000000000000000000000..d626936997a1f64ee7b1f4fd43e6f47b119925cd
--- /dev/null
+++ b/sepolicy/ohos_policy/filemanagement/userfile_manager/system/sehap_contexts
@@ -0,0 +1,15 @@
+# Copyright (c) 2023 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apl=normal name=com.ohos.medialibrary.medialibrarydata domain=medialibrary_hap type=medialibrary_hap_data_file
+apl=normal name=com.ohos.medialibrary.medialibrarydata:fileAccess domain=medialibrary_hap type=medialibrary_hap_data_file