author | Nick Kralevich <nnk@google.com> | 2013-01-18 14:31:19 -0800 |
---|---|---|
committer | Nick Kralevich <nnk@google.com> | 2013-01-18 14:31:19 -0800 |
commit | 51e06618dbd87c4374c56d9193a5e567aa3d02ac (patch) | |
tree | f710aa72d5c62695d0ff44a6f5aff429929c9f0f | |
parent | d984497a8886251540a057f379e0f016ea72696b (diff) | |
init: make system properties more secure.
Currently, system properties are passed via the environment
variable ANDROID_PROPERTY_WORKSPACE and a file descriptor passed
from parent to child. This is insecure for setuid executables,
as the environment variable can be changed by the caller.
Modify system property handling so that we get the properties
from a root owned properties file, rather than using an
environment variable.
Related to bug: 8029617
Change-Id: I18610128e11c4037ed6f4dec6eba20f69fa647eb
-rwxr-xr-x | init/init.c | 5 | ||||
-rwxr-xr-x | init/property_service.c | 24 | ||||
-rw-r--r-- | init/property_service.h | 1 |
3 files changed, 4 insertions, 26 deletions
diff --git a/init/init.c b/init/init.c
index 2fbe002..bc88ba9 100755
--- a/init/init.c
+++ b/init/init.c
@@ -233,11 +233,6 @@ void service_start(struct service *svc, const char *dynamic_args)
 int fd, sz;
 umask(077);
- if (properties_inited()) {
- get_property_workspace(&fd, &sz);
- sprintf(tmp, "%d,%d", dup(fd), sz);
- add_environment("ANDROID_PROPERTY_WORKSPACE", tmp);
- }
 for (ei = svc->envvars; ei; ei = ei->next) add_environment(ei->name, ei->value);
diff --git a/init/property_service.c b/init/property_service.c
index 61dd86f..b608d2f 100755
--- a/init/property_service.c
+++ b/init/property_service.c
@@ -112,7 +112,6 @@ struct {
 typedef struct {
 void *data;
 size_t size;
- int fd;
 } workspace;
 static int init_workspace(workspace *w, size_t size)
@@ -120,10 +119,10 @@ static int init_workspace(workspace *w, size_t size)
 void *data;
 int fd;
- /* dev is a tmpfs that we can use to carve a shared workspace
- * out of, so let's do that...
- */
- fd = open("/dev/__properties__", O_RDWR | O_CREAT | O_NOFOLLOW, 0600);
+ /* dev is a tmpfs that we can use to carve a shared workspace
+ * out of, so let's do that...
+ */
+ fd = open(PROP_FILENAME, O_RDWR | O_CREAT | O_NOFOLLOW, 0644);
 if (fd < 0) return -1;
@@ -136,15 +135,8 @@ static int init_workspace(workspace *w, size_t size)
 close(fd);
- fd = open("/dev/__properties__", O_RDONLY | O_NOFOLLOW);
- if (fd < 0)
- return -1;
-
- unlink("/dev/__properties__");
-
 w->data = data;
 w->size = size;
- w->fd = fd;
 return 0;
 out:
@@ -174,8 +166,6 @@ static int init_property_area(void)
 if(init_workspace(&pa_workspace, PA_SIZE)) return -1;
- fcntl(pa_workspace.fd, F_SETFD, FD_CLOEXEC);
-
 pa_info_array = (void*) (((char*) pa_workspace.data) + PA_INFO_START);
 pa = pa_workspace.data;
@@ -463,12 +453,6 @@ void handle_property_set_fd()
 }
 }
-void get_property_workspace(int *fd, int *sz)
-{
- *fd = pa_workspace.fd;
- *sz = pa_workspace.size;
-}
-
 static void load_properties(char *data)
 {
 char *key, *value, *eol, *sol, *tmp;
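Review bot: The new `open(PROP_FILENAME, O_RDWR | O_CREAT | O_NOFOLLOW, 0644)` in init_workspace (hunk `@@ -120,10 +119,10 @@` of init/property_service.c) does not by itself enforce the root-owned, non-writable file the commit message relies on: without `O_EXCL` a file already present at that path is reused with whatever owner and mode it has, and the 0644 argument applies only on creation and is filtered by the process umask. Because the following hunk drops the `unlink()`, the file now stays reachable by name and world-readable for as long as the system runs, so this call is the one place that fixes its permissions. Consider `fd = open(PROP_FILENAME, O_RDWR | O_CREAT | O_EXCL | O_NOFOLLOW, 0644);` (assuming init_workspace runs only once per boot), or an `fstat()` check of owner and mode right after the open. The retained comment could also say that readers are expected to open this file read-only and verify its ownership; that reader side is not part of this diff. init_workspace's body starts and continues outside the hunk.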
diff --git a/init/property_service.h b/init/property_service.h
index b9d1bf6..df71f3f 100644
--- a/init/property_service.h
+++ b/init/property_service.h
@@ -24,7 +24,6 @@ extern void property_init(void);
 extern void property_load_boot_defaults(void);
 extern void load_persist_props(void);
 extern void start_property_service(void);
-void get_property_workspace(int *fd, int *sz);
 extern const char* property_get(const char *name);
 extern int property_set(const char *name, const char *value);
 extern int properties_inited(); |