system_core.git - system/core

	Commit message (Collapse)	Author	Age	Files	Lines
*	Extend run-as with optional --user argument.	Oleksiy Vyalov	2015-06-10	1	-9/+28
\| \| \| \| \| \| \| \|	1. Calculate AID for spawned process as (100000 * $user) + uid_from_packages.list 2. Use /data/user/$user/$packageDir as a root of a new process if $user != 0. Change-Id: I761dfb481114bd51e5a950307fcaf403e96eef10 (cherry picked from commit da31778f3b422d9583f334273eb8d9f6aabd5d34)
*	run-as: bracket capability	Mark Salyzyn	2015-03-31	1	-45/+48
\| \| \| \| \| \| \| \| \| \|	- do not assume that caller has granted effective bits in capabilities - only elevate capabilities when needed - suppress capabilities before exec when called as shell,shell,shell - some Android coding standard cleanup Bug: 19908228 Change-Id: Ibe3d1c1a0fdcb54c41d7a72395e50ad749df98ce
*	Fix run-as which was broken in Android 4.3	Alex Klyubin	2013-08-21	1	-19/+24
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	In Android 4.3 the run-as binary no longer has the SUID/SGID bits set. Instead, it requires to be installed with setuid and setgid file-based capabilities. As a result of the above two changes, the binary no longer executes as root when invoked by the "shell" user but can still change its UID/GID to that of the target package. Unfortunately, run-as attempts to chdir into the target package's data directory before changing its effective UID/GID. As a result, when run-as is invoked by the "shell" user, the chdir operation fails. The fix is for run-as to chdir after changing the effective UID/GID to those of the target package. Bug: 10154652 (cherry picked from commit f2904a7b63c2005ab588a9ba2fb309e73200ec81) Change-Id: I0f6cb9efd49f5c2c491f7aa1d614d700a5ec2304
*	run-as: Get seinfo from packages.list and pass to libselinux.	Robert Craig	2013-03-28	1	-1/+1
\| \| \| \| \| \| \| \| \|	Change allows the proper seinfo value to be passed to libselinux to switch to the proper app security context before running the shell. Change-Id: I9d7ea47c920b1bc09a19008345ed7fd0aa426e87 Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
*	run-as: set the SELinux security context.	Stephen Smalley	2012-11-13	1	-0/+6
\| \| \| \| \| \| \| \|	Before invoking the specified command or a shell, set the SELinux security context. Change-Id: Ifc7f91aed9d298290b95d771484b322ed7a4c594 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
*	Don't statically compile run-as	Nick Kralevich	2012-01-23	1	-3/+3
\| \| \| \| \|	Bug: 5904033 Change-Id: Ie815f09a2bf51ad583ded82f652d162a7f70b87e
*	Add 'run-as' command implementation as set-uid program.	David 'Digit' Turner	2010-03-17	1	-0/+178
	Typical usage is 'run-as <package-name> <command>' to run <command> in the data directory, and the user id, of <package-name> if, and only if <package-name> is the name of an installed and debuggable application. This relies on the /data/system/packages.list file generated by the PackageManager service. BEWARE: This is intended to be available on production devices !