diff options
| author | Nick Kralevich <nnk@google.com> | 2014-06-12 23:05:09 +0000 |
|---|---|---|
| committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2014-06-10 21:49:56 +0000 |
| commit | 3dd3de03de17546d785ed2a741fc645c1a0fcad5 (patch) | |
| tree | b8671de6701d18ec5bd9b6440406f4c5ee754160 | |
| parent | 18c9394ce1a4869eb5cf91eece02a4e944e2eebc (diff) | |
| parent | 0db0f97d87bae8118e135d5a30edf7f0146098c0 (diff) | |
| download | frameworks_native-3dd3de03de17546d785ed2a741fc645c1a0fcad5.zip frameworks_native-3dd3de03de17546d785ed2a741fc645c1a0fcad5.tar.gz frameworks_native-3dd3de03de17546d785ed2a741fc645c1a0fcad5.tar.bz2 | |
Merge "installd: change profile files to 0660"
| -rw-r--r-- | cmds/installd/utils.c | 35 |
1 files changed, 6 insertions, 29 deletions
diff --git a/cmds/installd/utils.c b/cmds/installd/utils.c index 420ad5e..120fd62 100644 --- a/cmds/installd/utils.c +++ b/cmds/installd/utils.c @@ -1036,50 +1036,27 @@ int ensure_config_user_dirs(userid_t userid) { int create_profile_file(const char *pkgname, gid_t gid) { const char *profile_dir = DALVIK_CACHE_PREFIX "profiles"; - struct stat profileStat; char profile_file[PKG_PATH_MAX]; - // If we don't have a profile directory under dalvik-cache we need to create one. - if (stat(profile_dir, &profileStat) < 0) { - // Create the profile directory under dalvik-cache. - if (mkdir(profile_dir, 0711) < 0) { - ALOGE("cannot make profile dir '%s': %s\n", profile_dir, strerror(errno)); - return -1; - } - - // Make the profile directory write-only for group and other. Owner can rwx it. - if (chmod(profile_dir, 0711) < 0) { - ALOGE("cannot chown profile dir '%s': %s\n", profile_dir, strerror(errno)); - rmdir(profile_dir); - return -1; - } - - if (selinux_android_restorecon(profile_dir, 0) < 0) { - ALOGE("cannot restorecon profile dir '%s': %s\n", profile_dir, strerror(errno)); - rmdir(profile_dir); - return -1; - } - } - snprintf(profile_file, sizeof(profile_file), "%s/%s", profile_dir, pkgname); // The 'system' user needs to be able to read the profile to determine if dex2oat // needs to be run. This is done in dalvik.system.DexFile.isDexOptNeededInternal(). So - // we make it world readable. Not a problem since the dalvik cache is world - // readable anyway. + // we assign ownership to AID_SYSTEM and ensure it's not world-readable. - int fd = open(profile_file, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0664); + int fd = open(profile_file, O_WRONLY | O_CREAT | O_NOFOLLOW | O_CLOEXEC, 0660); - // Open will fail if the file already exists. We want to ignore that. + // Always set the uid/gid/permissions. The file could have been previously created + // with different permissions. if (fd >= 0) { - if (fchown(fd, -1, gid) < 0) { + if (fchown(fd, AID_SYSTEM, gid) < 0) { ALOGE("cannot chown profile file '%s': %s\n", profile_file, strerror(errno)); close(fd); unlink(profile_file); return -1; } - if (fchmod(fd, 0664) < 0) { + if (fchmod(fd, 0660) < 0) { ALOGE("cannot chmod profile file '%s': %s\n", profile_file, strerror(errno)); close(fd); unlink(profile_file); |