From 42a1a126e554a8bca31d0afc832848b7b0fa1f4e Mon Sep 17 00:00:00 2001
From: Mathew Inwood <mathewi@google.com>
Date: Mon, 20 Jul 2020 15:14:55 +0000
Subject: [PATCH] Set /system/xbin permissions to 750.

This directory contains only the su binary which is executable only by
root and shell uids, so need not be accessible to other users.

Test: Device boots
Test: adb shell ls -ld /system/xbin
Change-Id: I4c9daab68b29832ef0ace2dec274687e4496da81
---
 libcutils/fs_config.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libcutils/fs_config.cpp b/libcutils/fs_config.cpp
index b9fc82eae..a0fc03991 100644
--- a/libcutils/fs_config.cpp
+++ b/libcutils/fs_config.cpp
@@ -85,7 +85,7 @@ static const struct fs_path_config android_dirs[] = {
     { 00751, AID_ROOT,         AID_SHELL,        0, "system/bin" },
     { 00755, AID_ROOT,         AID_ROOT,         0, "system/etc/ppp" },
     { 00755, AID_ROOT,         AID_SHELL,        0, "system/vendor" },
-    { 00751, AID_ROOT,         AID_SHELL,        0, "system/xbin" },
+    { 00750, AID_ROOT,         AID_SHELL,        0, "system/xbin" },
     { 00751, AID_ROOT,         AID_SHELL,        0, "system/apex/*/bin" },
     { 00751, AID_ROOT,         AID_SHELL,        0, "system_ext/bin" },
     { 00751, AID_ROOT,         AID_SHELL,        0, "system_ext/apex/*/bin" },