Be strict, but not that strict.
Certain apps decide that they want to chmod() their private data
directories to gain more security. We still want to carefully
enforce owner UID/GID, but relax the mode check for now.
Bug: 26549892
Change-Id: I362d530ba0b20fb23f427ac082ee003864adc57d
diff --git a/libcutils/fs.c b/libcutils/fs.c
index 88c488c..5e2ef0b 100644
--- a/libcutils/fs.c
+++ b/libcutils/fs.c
@@ -55,13 +55,22 @@
ALOGE("Not a directory: %s", path);
return -1;
}
- if (((sb.st_mode & ALL_PERMS) == mode) && (sb.st_uid == uid) && (sb.st_gid == gid)) {
+ int owner_match = ((sb.st_uid == uid) && (sb.st_gid == gid));
+ int mode_match = ((sb.st_mode & ALL_PERMS) == mode);
+ if (owner_match && mode_match) {
return 0;
} else if (allow_fixup) {
goto fixup;
} else {
- ALOGE("Path %s exists with unexpected permissions", path);
- return -1;
+ if (!owner_match) {
+ ALOGE("Expected path %s with owner %d:%d but found %d:%d",
+ path, uid, gid, sb.st_uid, sb.st_gid);
+ return -1;
+ } else {
+ ALOGW("Expected path %s with mode %o but found %o",
+ path, mode, (sb.st_mode & ALL_PERMS));
+ return 0;
+ }
}
create: