Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 812b19a425b8304ac9e5408cc8ceb9f363c72559
commit812b19a425b8304ac9e5408cc8ceb9f363c72559[log] [tgz]
authorNick Kralevich <nnk@google.com>Fri Aug 31 16:08:06 2012 -0700
committerNick Kralevich <nnk@google.com>Tue Sep 04 14:58:22 2012 -0700
tree6463a4310d8e3f715988788833bfa51e6ea62689
parente94831e5ed4aa3b1ebc5444cc1b16cdab8cb92f8 [diff]
installd: reduce privileges.

Make installd run with fewer privileges. This will help make
exploitation of installd based vulnerabilities more difficult
to perform.

installd now runs with the following privileges:

* CAP_DAC_OVERRIDE
* CAP_CHOWN

These two capabilities are needed to add and remove files
from application's home directories.

* CAP_SETUID
* CAP_SETGID

These permissions are needed to further drop privileges when
running dexopt as the application UID.

"installd" no longer runs with full root privileges.  It cannot,
for example, mount and unmount filesystems, install modules,
perform direct I/O, etc.

Change-Id: Ib407e41e5e4c95f35a5c6a154812c5e8ae3006ed
2 files changed
tree: 6463a4310d8e3f715988788833bfa51e6ea62689
  1. api/
  2. cmds/
  3. core/
  4. data/
  5. docs/
  6. drm/
  7. graphics/
  8. icu4j/
  9. include/
  10. keystore/
  11. libs/
  12. location/
  13. media/
  14. native/
  15. nfc-extras/
  16. obex/
  17. opengl/
  18. packages/
  19. policy/
  20. samples/
  21. sax/
  22. services/
  23. telephony/
  24. test-runner/
  25. tests/
  26. tools/
  27. voip/
  28. wifi/
  29. Android.mk
  30. CleanSpec.mk
  31. MODULE_LICENSE_APACHE2
  32. NOTICE
  33. preloaded-classes