From 51e06618dbd87c4374c56d9193a5e567aa3d02ac Mon Sep 17 00:00:00 2001 From: Nick Kralevich Date: Fri, 18 Jan 2013 14:31:19 -0800 Subject: init: make system properties more secure. Currently, system properties are passed via the environment variable ANDROID_PROPERTY_WORKSPACE and a file descriptor passed from parent to child. This is insecure for setuid executables, as the environment variable can be changed by the caller. Modify system property handling so that we get the properties from a root owned properties file, rather than using an environment variable. Related to bug: 8029617 Change-Id: I18610128e11c4037ed6f4dec6eba20f69fa647eb --- init/init.c | 5 ----- init/property_service.c | 24 ++++-------------------- init/property_service.h | 1 - 3 files changed, 4 insertions(+), 26 deletions(-) diff --git a/init/init.c b/init/init.c index 2fbe002..bc88ba9 100755 --- a/init/init.c +++ b/init/init.c @@ -233,11 +233,6 @@ void service_start(struct service *svc, const char *dynamic_args) int fd, sz; umask(077); - if (properties_inited()) { - get_property_workspace(&fd, &sz); - sprintf(tmp, "%d,%d", dup(fd), sz); - add_environment("ANDROID_PROPERTY_WORKSPACE", tmp); - } for (ei = svc->envvars; ei; ei = ei->next) add_environment(ei->name, ei->value); diff --git a/init/property_service.c b/init/property_service.c index 61dd86f..b608d2f 100755 --- a/init/property_service.c +++ b/init/property_service.c @@ -112,7 +112,6 @@ struct { typedef struct { void *data; size_t size; - int fd; } workspace; static int init_workspace(workspace *w, size_t size) 
@@ -120,10 +119,10 @@ static int init_workspace(workspace *w, size_t size) void *data; int fd; - /* dev is a tmpfs that we can use to carve a shared workspace - * out of, so let's do that... - */ - fd = open("/dev/__properties__", O_RDWR | O_CREAT | O_NOFOLLOW, 0600); + /* dev is a tmpfs that we can use to carve a shared workspace + * out of, so let's do that... + */ + fd = open(PROP_FILENAME, O_RDWR | O_CREAT | O_NOFOLLOW, 0644); if (fd < 0) return -1; @@ -136,15 +135,8 @@ static int init_workspace(workspace *w, size_t size) close(fd); - fd = open("/dev/__properties__", O_RDONLY | O_NOFOLLOW); - if (fd < 0) - return -1; - - unlink("/dev/__properties__"); - w->data = data; w->size = size; - w->fd = fd; return 0; out: @@ -174,8 +166,6 @@ static int init_property_area(void) if(init_workspace(&pa_workspace, PA_SIZE)) return -1; - fcntl(pa_workspace.fd, F_SETFD, FD_CLOEXEC); - pa_info_array = (void*) (((char*) pa_workspace.data) + PA_INFO_START); pa = pa_workspace.data; @@ -463,12 +453,6 @@ void handle_property_set_fd() } } -void get_property_workspace(int *fd, int *sz) -{ - *fd = pa_workspace.fd; - *sz = pa_workspace.size; -} - static void load_properties(char *data) { char *key, *value, *eol, *sol, *tmp; diff --git a/init/property_service.h b/init/property_service.h index b9d1bf6..df71f3f 100644 --- a/init/property_service.h +++ b/init/property_service.h @@ -24,7 +24,6 @@ extern void property_init(void); extern void property_load_boot_defaults(void); extern void load_persist_props(void); extern void start_property_service(void); -void get_property_workspace(int *fd, int *sz); extern const char* property_get(const char *name); extern int property_set(const char *name, const char *value); extern int properties_inited(); -- cgit v1.1
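Review bot: The mode in `fd = open(PROP_FILENAME, O_RDWR | O_CREAT | O_NOFOLLOW, 0644);` is only a request — a newly created file gets `0644 & ~umask` — and since the next hunk on this line drops the `unlink()`, this file is now the long-lived, by-path interface that unprivileged readers depend on, so its bits should not be inherited from whatever init's umask happens to be at that moment. I would follow the open with `if (fchmod(fd, 0644) < 0) goto out;` so the file is readable by consumers and writable only by its owner regardless of umask; the `out:` label is visible in the following hunk, but the cleanup it performs lies outside the hunk and should be checked to close `fd`. Because `O_EXCL` is not used and the file is no longer unlinked, a pre-existing file at PROP_FILENAME is reused as-is; whether the truncate/mmap code between these hunks resets its contents and whether its ownership is verified is not visible here and deserves confirming. The retained comment still says "dev is a tmpfs" while the path is now a macro; `/* PROP_FILENAME is expected to live on a tmpfs (/dev); carve the shared workspace out of it. */` keeps that assumption tied to the name actually used. init_workspace's body continues outside the hunk.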