init.rc: Add documentation
Android developers should never place files in /data/local/tmp. Files or directories in /data/local/tmp can be minipulated by the shell user. Android developers should never create world-writable files or directories. This is a common source of security vulnerabilities. Change-Id: I6d2cd620ab49d8ca3f39282f7d2ed682a9ba91c3
This commit is contained in:
Nick Kralevich
parent
1a87808b30
commit
f3ef1271f2
|
|
@ -1,3 +1,9 @@
|
|||
# Copyright (C) 2012 The Android Open Source Project
|
||||
#
|
||||
# IMPORTANT: Do not create world writable files or directories.
|
||||
# This is a common source of Android security bugs.
|
||||
#
|
||||
|
||||
import /init.${ro.hardware}.rc
|
||||
|
||||
on early-init
|
||||
|
|
@ -163,6 +169,9 @@ on post-fs-data
|
|||
mkdir /data/misc/wifi 0770 wifi wifi
|
||||
chmod 0660 /data/misc/wifi/wpa_supplicant.conf
|
||||
mkdir /data/local 0751 root root
|
||||
|
||||
# For security reasons, /data/local/tmp should always be empty.
|
||||
# Do not place files or directories in /data/local/tmp
|
||||
mkdir /data/local/tmp 0771 shell shell
|
||||
mkdir /data/data 0771 system system
|
||||
mkdir /data/app-private 0771 system system
|
||||
|
|
|
|||
Loading…
Reference in New Issue