summaryrefslogtreecommitdiffstats
path: root/init/init.c
diff options
context:
space:
mode:
authorNick Kralevich <nnk@google.com>2013-01-18 14:31:19 -0800
committerNick Kralevich <nnk@google.com>2013-01-18 14:31:19 -0800
commit51e06618dbd87c4374c56d9193a5e567aa3d02ac (patch)
treef710aa72d5c62695d0ff44a6f5aff429929c9f0f /init/init.c
parentd984497a8886251540a057f379e0f016ea72696b (diff)
downloadsystem_core-51e06618dbd87c4374c56d9193a5e567aa3d02ac.zip
system_core-51e06618dbd87c4374c56d9193a5e567aa3d02ac.tar.gz
system_core-51e06618dbd87c4374c56d9193a5e567aa3d02ac.tar.bz2
init: make system properties more secure.
Currently, system properties are passed via the environment variable ANDROID_PROPERTY_WORKSPACE and a file descriptor passed from parent to child. This is insecure for setuid executables, as the environment variable can be changed by the caller. Modify system property handling so that we get the properties from a root owned properties file, rather than using an environment variable. Related to bug: 8029617 Change-Id: I18610128e11c4037ed6f4dec6eba20f69fa647eb
Diffstat (limited to 'init/init.c')
-rwxr-xr-xinit/init.c5
1 files changed, 0 insertions, 5 deletions
diff --git a/init/init.c b/init/init.c
index 2fbe002..bc88ba9 100755
--- a/init/init.c
+++ b/init/init.c
@@ -233,11 +233,6 @@ void service_start(struct service *svc, const char *dynamic_args)
int fd, sz;
umask(077);
- if (properties_inited()) {
- get_property_workspace(&fd, &sz);
- sprintf(tmp, "%d,%d", dup(fd), sz);
- add_environment("ANDROID_PROPERTY_WORKSPACE", tmp);
- }
for (ei = svc->envvars; ei; ei = ei->next)
add_environment(ei->name, ei->value);