property_service: make /dev/__properties__ readable

Currently, system properties are passed via the environment
variable ANDROID_PROPERTY_WORKSPACE and a file descriptor passed
from parent to child. This is insecure for setuid executables,
as the environment variable can be changed by the caller.

Make the /dev/__properties__ file accessible, so an app can
get properties directly from the file, rather than relying on
environment variables.

Preserve the environment variable for compatibility with pre-existing
apps.

Bug: 8045561
Change-Id: If81e2b705eca43ddd8b491871aceff59c0e00387
This commit is contained in:
Nick Kralevich 2013-01-23 09:24:33 -08:00
parent 2840647b15
commit 7ece0a862c
1 changed files with 2 additions and 4 deletions

View File

@ -123,7 +123,7 @@ static int init_workspace(workspace *w, size_t size)
/* dev is a tmpfs that we can use to carve a shared workspace
* out of, so let's do that...
*/
fd = open("/dev/__properties__", O_RDWR | O_CREAT | O_NOFOLLOW, 0600);
fd = open(PROP_FILENAME, O_RDWR | O_CREAT | O_NOFOLLOW, 0644);
if (fd < 0)
return -1;
@ -136,12 +136,10 @@ static int init_workspace(workspace *w, size_t size)
close(fd);
fd = open("/dev/__properties__", O_RDONLY | O_NOFOLLOW);
fd = open(PROP_FILENAME, O_RDONLY | O_NOFOLLOW);
if (fd < 0)
return -1;
unlink("/dev/__properties__");
w->data = data;
w->size = size;
w->fd = fd;