openkylin
/
platform_system_core
mirror of https://gitee.com/openkylin/platform_system_core.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

Remove obsolete warning from restorecon_recursive documentation. 

We originally included a warning to not invoke restorecon_recursive
with a path leading to a shell-writable or app-writable directory
due to concerns about the potential for mischief with symlinks during
the restorecon_recursive.  However, this warning was never necessary for
calling restorecon_recursive during system initialization before an adb
shell or app can run, and we have further prohibited init from
reading/following symlinks that can be created by shell or apps in
policy, so this warning is superfluous.  It also contradicts current
usage of restorecon_recursive in rootdir/init.rc, since it is called
there on /data.

Change-Id: I28a635e0b5991ced8adcef93e7a04f9d9e5634fd
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
This commit is contained in:
Stephen Smalley 2014-09-02 09:34:53 -04:00
parent 7a1973ece3
commit d9c19b0c15
1 changed files with 0 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
init/readme.txt
View File

@ -202,8 +202,6 @@ restorecon <path> [ <path> ]*
restorecon_recursive <path> [ <path> ]*
Recursively restore the directory tree named by <path> to the
security contexts specified in the file_contexts configuration.
Do NOT use this with paths leading to shell-writable or app-writable
directories, e.g. /data/local/tmp, /data/data or any prefix thereof.
setcon <securitycontext>
Set the current process security context to the specified string.