diff options
| author | Nick Kralevich <nnk@google.com> | 2013-03-29 08:55:06 -0700 |
|---|---|---|
| committer | Nick Kralevich <nnk@google.com> | 2013-03-29 08:55:06 -0700 |
| commit | b0f1540f2a1959120d1b083fa14d65f5c45335f8 (patch) | |
| tree | 1e2deefbdcbd1ba18dae0d14f6a3270c4e4cda04 | |
| parent | c8df252fa16d328be197ecc5280a2f8c2aacb5ad (diff) | |
| download | system_core-b0f1540f2a1959120d1b083fa14d65f5c45335f8.zip system_core-b0f1540f2a1959120d1b083fa14d65f5c45335f8.tar.gz system_core-b0f1540f2a1959120d1b083fa14d65f5c45335f8.tar.bz2 | |
run-as: Don't require CAP_DAC_READ_SEARCH
This is a partial AOSP port of Google internal change
080427e4e2b1b72718b660e16b6cf38b3a3c4e3f .
Change-Id: I23a7edc808d227caf3862b035dc2ca39639d9d59
| -rw-r--r-- | run-as/package.c | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/run-as/package.c b/run-as/package.c index dce132e..27fc1eb 100644 --- a/run-as/package.c +++ b/run-as/package.c @@ -80,13 +80,30 @@ map_file(const char* filename, size_t* filesize) struct stat st; size_t length = 0; void* address = NULL; + gid_t oldegid; *filesize = 0; + /* + * Temporarily switch effective GID to allow us to read + * the packages file + */ + + oldegid = getegid(); + if (setegid(AID_SYSTEM) < 0) { + return NULL; + } + /* open the file for reading */ fd = TEMP_FAILURE_RETRY(open(filename, O_RDONLY)); - if (fd < 0) + if (fd < 0) { return NULL; + } + + /* restore back to our old egid */ + if (setegid(oldegid) < 0) { + goto EXIT; + } /* get its size */ ret = TEMP_FAILURE_RETRY(fstat(fd, &st)); |