diff options
| author | San Mehat <san@google.com> | 2009-05-18 13:44:42 -0700 |
|---|---|---|
| committer | The Android Open Source Project <initial-contribution@android.com> | 2009-05-18 13:44:42 -0700 |
| commit | e78bd6a00d0be0df66c4a7ea068c8d33c756b037 (patch) | |
| tree | ec7c597fec2a18b78571372baa852927e243c8a9 /vold | |
| parent | 735b60ebc2c293688d89bd311494ce8f61ba6475 (diff) | |
| parent | b76a63b7bbdf8f51c4e689e241fca6d3a0bc1b1c (diff) | |
| download | system_core-e78bd6a00d0be0df66c4a7ea068c8d33c756b037.zip system_core-e78bd6a00d0be0df66c4a7ea068c8d33c756b037.tar.gz system_core-e78bd6a00d0be0df66c4a7ea068c8d33c756b037.tar.bz2 | |
am b76a63b7: vold: Change VFAT mount options to enable sdcard write restrictions
Merge commit 'b76a63b7bbdf8f51c4e689e241fca6d3a0bc1b1c'
* commit 'b76a63b7bbdf8f51c4e689e241fca6d3a0bc1b1c':
vold: Change VFAT mount options to enable sdcard write restrictions
Diffstat (limited to 'vold')
| -rw-r--r-- | vold/volmgr_vfat.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/vold/volmgr_vfat.c b/vold/volmgr_vfat.c index 3c546b4..2b0e1fa 100644 --- a/vold/volmgr_vfat.c +++ b/vold/volmgr_vfat.c @@ -118,15 +118,22 @@ int vfat_mount(blkdev_t *dev, volume_t *vol, boolean safe_mode) flags |= MS_REMOUNT; } + /* + * The mount masks restrict access so that: + * 1. The 'system' user cannot access the SD card at all - + * (protects system_server from grabbing file references) + * 2. Group users can RWX + * 3. Others can only RX + */ rc = mount(devpath, vol->mount_point, "vfat", flags, - "utf8,uid=1000,gid=1000,fmask=711,dmask=700,shortname=mixed"); + "utf8,uid=1000,gid=1015,fmask=702,dmask=702,shortname=mixed"); if (rc && errno == EROFS) { LOGE("vfat_mount(%d:%d, %s): Read only filesystem - retrying mount RO", dev->major, dev->minor, vol->mount_point); flags |= MS_RDONLY; rc = mount(devpath, vol->mount_point, "vfat", flags, - "utf8,uid=1000,gid=1000,fmask=711,dmask=700,shortname=mixed"); + "utf8,uid=1000,gid=1015,fmask=702,dmask=702,shortname=mixed"); } #if VFAT_DEBUG |