diff options
| author | Stephen Smalley <sds@tycho.nsa.gov> | 2012-11-13 12:56:48 -0500 |
|---|---|---|
| committer | Ricardo Cerqueira <cyanogenmod@cerqueira.org> | 2013-07-18 20:38:39 +0100 |
| commit | e46e20d18ae842d964836640057554783f564482 (patch) | |
| tree | a6e8436ff2e629c65b36dbd18d50a912832b96ae | |
| parent | f97984a242911f927e32b7404f0effe4e08c4f7a (diff) | |
| download | system_core-e46e20d18ae842d964836640057554783f564482.zip system_core-e46e20d18ae842d964836640057554783f564482.tar.gz system_core-e46e20d18ae842d964836640057554783f564482.tar.bz2 | |
run-as: set the SELinux security context.
Before invoking the specified command or a shell, set the
SELinux security context.
Change-Id: Ifc7f91aed9d298290b95d771484b322ed7a4c594
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
| -rw-r--r-- | run-as/Android.mk | 2 | ||||
| -rw-r--r-- | run-as/run-as.c | 6 |
2 files changed, 8 insertions, 0 deletions
diff --git a/run-as/Android.mk b/run-as/Android.mk index 043cc3a..a8f2885 100644 --- a/run-as/Android.mk +++ b/run-as/Android.mk @@ -3,6 +3,8 @@ include $(CLEAR_VARS) LOCAL_SRC_FILES:= run-as.c package.c +LOCAL_SHARED_LIBRARIES := libselinux + LOCAL_MODULE:= run-as include $(BUILD_EXECUTABLE) diff --git a/run-as/run-as.c b/run-as/run-as.c index 20e1530..9eb09ae 100644 --- a/run-as/run-as.c +++ b/run-as/run-as.c @@ -29,6 +29,7 @@ #include <time.h> #include <stdarg.h> +#include <selinux/android.h> #include <private/android_filesystem_config.h> #include "package.h" @@ -162,6 +163,11 @@ int main(int argc, char **argv) return 1; } + if (selinux_android_setcontext(uid, 0, NULL, pkgname) < 0) { + panic("Could not set SELinux security context: %s\n", strerror(errno)); + return 1; + } + /* User specified command for exec. */ if (argc >= 3 ) { if (execvp(argv[2], argv+2) < 0) { |