property_service: make /dev/__properties__ readable
Currently, system properties are passed via the environment variable ANDROID_PROPERTY_WORKSPACE and a file descriptor passed from parent to child. This is insecure for setuid executables, as the environment variable can be changed by the caller. Make the /dev/__properties__ file accessible, so an app can get properties directly from the file, rather than relying on environment variables. Preserve the environment variable for compatibility with pre-existing apps. Bug: 8045561 Change-Id: If81e2b705eca43ddd8b491871aceff59c0e00387
This commit is contained in:
parent
2840647b15
commit
7ece0a862c
|
@ -123,7 +123,7 @@ static int init_workspace(workspace *w, size_t size)
|
|||
/* dev is a tmpfs that we can use to carve a shared workspace
|
||||
* out of, so let's do that...
|
||||
*/
|
||||
fd = open("/dev/__properties__", O_RDWR | O_CREAT | O_NOFOLLOW, 0600);
|
||||
fd = open(PROP_FILENAME, O_RDWR | O_CREAT | O_NOFOLLOW, 0644);
|
||||
if (fd < 0)
|
||||
return -1;
|
||||
|
||||
|
@ -136,12 +136,10 @@ static int init_workspace(workspace *w, size_t size)
|
|||
|
||||
close(fd);
|
||||
|
||||
fd = open("/dev/__properties__", O_RDONLY | O_NOFOLLOW);
|
||||
fd = open(PROP_FILENAME, O_RDONLY | O_NOFOLLOW);
|
||||
if (fd < 0)
|
||||
return -1;
|
||||
|
||||
unlink("/dev/__properties__");
|
||||
|
||||
w->data = data;
|
||||
w->size = size;
|
||||
w->fd = fd;
|
||||
|
|
Loading…
Reference in New Issue