mksh provides a kill primitive with signal names, but also offer it in
our toolbox binary. This will allow anyone to use "kill -HUP <pid>" or
"kill -l" to look at the name to number signal mapping.
Change-Id: Id683721f4ad3f2b518b4dc54a6073510290cbe04
Modify init to set the umask to 077 when forking processes.
This helps protect against inadvertant information disclosure
in init's child processes.
ueventd: Keep umask at 000. uevent needs to be able to
create device nodes with exactly the permissions it
indicates.
Testing:
1) Do an "ls -lR /data /dev" on the device before and after
the umask change and diff the output. Verified by hand
that the permission change wouldn't cause any problems.
2) Verify that package installation works, and the permissions
are as expected, when installing a program from market and
"adb install".
Bug: 3272072
Change-Id: Ie4f7f06c0ee9da8d9b6fce25d71d8991a9bce406
Init is going to be modified to set the umask to 077.
This will impact adb, as "adb install" and "adb sync"
assume that files will be world-readable / writable.
Keep adb's umask at 000 for now.
Bug: 3272072
Change-Id: I75978e8dd7bbdf4dbe7c9a691ef516235f207da2
There were some changes to make_ext4fs to add SELinux context. Also, we
changed the "android" argument to an fs_config_func that allows you to
customize the permissions put into a ext4 filesystem.
Change-Id: If23152c40659122a91771fcbd094f713b38e321e
The handling of adb root:/tpcip:/usb: is normally only for non-ADB_HOST.
This avoids getuid() being invoked on windows builds.
Change-Id: I365b81d9f70de99b9347d3eac82e690a8ac5e747
"adb root" creates a socket, then starts the service.
Socket creation should not set the exit_on_close when the service will be
a no-op.
Bug: 6259353
Change-Id: Ie526d2fad64f39a48051ed0ff6fb3405c2802ced
Some versions of windows cannot handle FAT32 filesystems with less
than 65527 clusters, so make sure we don't create such beasts.
Change-Id: Id00fb02c4f8476f7dcc0ef137bd9e4975d740591
This change adds a layer of indirection to uevent's
uevent_kernel_multicast_recv, allowing dependent code to
get the remote endpoint if desired.
Change-Id: If2f00708a1dd6196c415b1ebc2a7eeb72399a90e
With newer Android kernels, anyone can read from the files in
/dev/log. If you're in the logs group (have the READ_LOGS) permission,
you'll see all entries. If you're not in that group, you'll see
log messages associated with your UID.
Relax the permissions on the files in /dev/log/ to allow an application
to read it's own log messages.
Bug: 5748848
Change-Id: Ie740284e96a69567dc73d738117316f938491777
This is part of the multi-project commit to move the filter-framework
from system/media/mca to frameworks/base/media/mca.
Note that the filter-framework will soon be replaced with a refactored
version currently under API review (also to go under frameworks/base).
This move is done now to unblock the PDK efforts.
Change-Id: I87d034a30bb4b98a85a028cb728e37fb97256039
If an error occurs during the verification of an APK, it could be left
in the temporary installation directory.
Change-Id: I4afa5535fc0b978532b31d5b8fb63776963c39db
Make the drm server run as UID=drm, GID=drm. This ensures that
any files created by the drmserver app do not have GID=system.
Bug: 5834297
Change-Id: I3409ad350e9cc82bb0982cdbe470ec1f10b1ca67
Android's kernel logger can optionally return UID information
in addition to the previously returned information. This
information is available by telling the kernel to use the
updated structure via the newly introduced LOGGER_SET_VERSION
ioctl.
int fd = open("/dev/log/main", O_RDONLY);
int version = 2;
ioctl(fd, LOGGER_SET_VERSION, &version);
Change-Id: I6bfe7bfb9df45a56124aa8d0d19e7d7a18e06862
Both libraries are needed to build four shared libraries in 64-bit
for 64-bit emulator with "-gpu on"
lib64OpenglRender.so
lib64EGL_translator.so
lib64GLES_CM_translator.so
lib64GLES_V2_translator.so
Change-Id: If57f72d4661a74f1d5e537568881f39132e0b43d