system_core.git - system/core

	Commit message (Collapse)	Author	Age	Files	Lines
*	am f19e045c: am c8df252f: Merge "run-as: Get seinfo from packages.list and ↵	Geremy Condra	2013-03-28	3	-5/+23
\|\ \| \| \| \| \| \| \| \| \| \| \| \|	pass to libselinux." * commit 'f19e045c58dafbdc46e848ec5a5c935f472dea34': run-as: Get seinfo from packages.list and pass to libselinux.
\| *	run-as: Get seinfo from packages.list and pass to libselinux.	Robert Craig	2013-03-28	3	-5/+23
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Change allows the proper seinfo value to be passed to libselinux to switch to the proper app security context before running the shell. Change-Id: I9d7ea47c920b1bc09a19008345ed7fd0aa426e87 Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
* \|	am af4ececc: am 515bed0e: Merge "run-as: set the SELinux security context."	Colin Cross	2013-03-05	2	-0/+8
\|\ \ \| \|/ \| \| \| \| \| \|	* commit 'af4ececc7bd10aec1240acfbfe7756ab8ee16883': run-as: set the SELinux security context.
\| *	run-as: set the SELinux security context.	Stephen Smalley	2012-11-13	2	-0/+8
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Before invoking the specified command or a shell, set the SELinux security context. Change-Id: Ifc7f91aed9d298290b95d771484b322ed7a4c594 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
* \|	adb: drop capability bounding set on user builds	Nick Kralevich	2013-02-15	1	-1/+18
\|/ \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	run-as: don't require CAP_DAC_OVERRIDE. Prevent an adb spawned application from acquiring capabilities other than * CAP_NET_RAW * CAP_SETUID * CAP_SETGID The only privileged programs accessible on user builds are * /system/bin/ping * /system/bin/run-as and the capabilities above are sufficient to cover those two programs. If the kernel doesn't support file capabilities, we ignore a prctl(PR_CAPBSET_DROP) failure. In a future CL, this could become a fatal error. Change-Id: I45a56712bfda35b5ad9378dde9e04ab062fe691a
*	do more checks on packages.list	Nick Kralevich	2012-02-09	1	-0/+10
\| \| \| \|	Change-Id: I16d6eab5e674c860be915fde2da7877994bed314
*	Don't statically compile run-as	Nick Kralevich	2012-01-23	2	-7/+3
\| \| \| \| \|	Bug: 5904033 Change-Id: Ie815f09a2bf51ad583ded82f652d162a7f70b87e
*	run-as: use mmap to read package list file	David 'Digit' Turner	2011-12-06	1	-32/+59
\| \| \| \| \| \| \| \| \| \| \| \| \|	This patch uses mmap() to read /data/system/packages.list This avoids depending on the size of a fixed static buffer which may happen to be too short for systems with a lot of packages installed. Also avoids calling malloc() which we don't want to trust here since run-as is a setuid program. Change-Id: I1d640a08b5d73af2fc80546b01c8d970c7f6b514
*	run-as: Bump the size of the internal packages list buffer.	David 'Digit' Turner	2011-06-06	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	This patch increases the size of the internal buffer used by run-as to store the content of /data/system/packages.list from 8KB to 64KB. It has been reported that, on some systems, 8KB was too small. This resulted in a truncated file being loaded, and the inability to debug native applications properly (either because the application was not found in the list, or because the tool reported a 'corrupted installation' due to BAD_FORMAT issues when parsing the truncated file). See http://code.google.com/p/android/issues/detail?id=16391 Change-Id: I0c35a61b163c4abc6f1a2681adc0ef0d76493171
*	Add 'run-as' command implementation as set-uid program.	David 'Digit' Turner	2010-03-17	5	-0/+892
	Typical usage is 'run-as <package-name> <command>' to run <command> in the data directory, and the user id, of <package-name> if, and only if <package-name> is the name of an installed and debuggable application. This relies on the /data/system/packages.list file generated by the PackageManager service. BEWARE: This is intended to be available on production devices !