Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 59972218f8c0d397fc50400a2b8b9be92ceeaf93
commit59972218f8c0d397fc50400a2b8b9be92ceeaf93[log] [tgz]
authorJosh Gao <jmgao@google.com>Wed Jan 25 11:45:58 2017 -0800
committerJosh Gao <jmgao@google.com>Wed Jan 25 12:03:02 2017 -0800
treece3fdda19432e4cce6b34bda9907db04ebf6093a
parent35c715332f9c5ea6bd91f4b26c954ef89026e814 [diff]
zygote: don't drop CAP_SYS_PTRACE from the bounding set.

crash_dump needs to acquire CAP_SYS_PTRACE to be able to ptrace
processes with capabilities. selinux should hopefully be sufficient for
restricting ptrace to processes that should do it.

Bug: http://b/34694637
Test: debuggerd `pidof system_server`
Change-Id: If46f0b9baa54529780f7767f309f76b102a42ab4
1 file changed
tree: ce3fdda19432e4cce6b34bda9907db04ebf6093a
  1. api/
  2. cmds/
  3. core/
  4. data/
  5. docs/
  6. drm/
  7. graphics/
  8. keystore/
  9. legacy-test/
  10. libs/
  11. location/
  12. media/
  13. native/
  14. nfc-extras/
  15. obex/
  16. opengl/
  17. packages/
  18. proto/
  19. rs/
  20. samples/
  21. sax/
  22. services/
  23. telecomm/
  24. telephony/
  25. test-runner/
  26. tests/
  27. tools/
  28. wifi/
  29. Android.bp
  30. Android.mk
  31. CleanSpec.mk
  32. compiled-classes-phone
  33. MODULE_LICENSE_APACHE2
  34. NOTICE
  35. preloaded-classes