libprocessgroup: Remove unnecessary permissions change in uid/pid hierarchy
When a new process is launched it ensures that all files under its uid/ and uid/pid hierarchy are accessible by the user/group of that process. If the directory already exists that means the access permissions have been already set before, therefore we do not need to reset them again. This also avoids a race between two processes in the same uid with one process being launched and walking the uid/ directory while the other process is being killed and changing the content of that directory. In such a race the process walking uid/ might find the uid/pid directory of the process being killed but by the time it tries to set its permissions the directory might be removed because the process got killed. The change eliminates the possibility of this race. Bug: 192421915 Bug: 192512069 Signed-off-by: Suren Baghdasaryan <surenb@google.com> Change-Id: I182298c36f6b0b4580ab59e440bd3aea16f5fbfe
This commit is contained in:
parent
9c62cdf3ac
commit
add9a25335
|
@ -224,7 +224,11 @@ void removeAllProcessGroups() {
|
|||
* transferred for the user/group passed as uid/gid before system_server can properly access them.
|
||||
*/
|
||||
static bool MkdirAndChown(const std::string& path, mode_t mode, uid_t uid, gid_t gid) {
|
||||
if (mkdir(path.c_str(), mode) == -1 && errno != EEXIST) {
|
||||
if (mkdir(path.c_str(), mode) == -1) {
|
||||
if (errno == EEXIST) {
|
||||
// Directory already exists and permissions have been set at the time it was created
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue