property_service: make /dev/__properties__ readable

Currently, system properties are passed via the environment
variable ANDROID_PROPERTY_WORKSPACE and a file descriptor passed
from parent to child. This is insecure for setuid executables,
as the environment variable can be changed by the caller.

Make the /dev/__properties__ file accessible, so an app can
get properties directly from the file, rather than relying on
environment variables.

Preserve the environment variable for compatibility with pre-existing
apps.

Bug: 8045561

(cherry picked from commit 7ece0a862cf97e85bbe69458a32a2bd165456874)

Change-Id: I762da21ef4075f288745efed0ec7d16c2b71303c

1 files changed, 2 insertions, 4 deletions

diff --git a/init/property_service.c b/init/property_service.c
index 86e35f1..c682809 100755
--- a/init/property_service.c
+++ b/init/property_service.c
@@ -123,7 +123,7 @@ static int init_workspace(workspace *w, size_t size)
         /* dev is a tmpfs that we can use to carve a shared workspace
          * out of, so let's do that...
          */
-    fd = open("/dev/__properties__", O_RDWR | O_CREAT | O_NOFOLLOW, 0600);
+    fd = open(PROP_FILENAME, O_RDWR | O_CREAT | O_NOFOLLOW, 0644);
     if (fd < 0)
         return -1;
 
@@ -136,12 +136,10 @@ static int init_workspace(workspace *w, size_t size)
 
     close(fd);
 
-    fd = open("/dev/__properties__", O_RDONLY | O_NOFOLLOW);
+    fd = open(PROP_FILENAME, O_RDONLY | O_NOFOLLOW);
     if (fd < 0)
         return -1;
 
-    unlink("/dev/__properties__");
-
     w->data = data;
     w->size = size;
     w->fd = fd;