2e6e2713fb71f7e18b782ac22a7b466545b79e89 |
|
08-May-2014 |
Mark Salyzyn <salyzyn@google.com> |
run-as: build 1161573 failure - pointer to integer comparison. Change-Id: I4a12c357ff5eaf2fc08c19c9efe7e2d7cb0dbe2e
/system/core/run-as/package.c
|
b9f5a2b9a0f4f08050dd2b88c64493836edc74dd |
|
01-May-2014 |
Mark Salyzyn <salyzyn@google.com> |
run-as: turn on -Werror - remove an abandoned code fragment Change-Id: I32d4ad820772685c680d200dc00ef11d102c76bd
/system/core/run-as/package.c
|
18860c524915bc991a9015bdbab32e918f5298d7 |
|
21-Aug-2013 |
Alex Klyubin <klyubin@google.com> |
Enable run-as to read packages.list now owned by package_info. The group ownership of the package database /data/system/packages.list read by run-as was changed in 977a9f3b1a05e6168e8245a1e2061225b68b2b41 from "system" to "package_info". run-as currently changes its effective group to "system" and is thus unable to read the database. This CL fixes the issue by making run-as change its effective group to "package_info" for reading the package database. Bug: 10411916 Change-Id: Id23059bfb5b43264824917873a31c287f057ce4e
/system/core/run-as/package.c
|
977a9f3b1a05e6168e8245a1e2061225b68b2b41 |
|
13-Aug-2013 |
Jeff Sharkey <jsharkey@android.com> |
Add legacy layout support to FUSE, enforce write. The legacy internal layout places users at the top-level of the filesystem, so handle with new PERM_LEGACY_PRE_ROOT when requested. Mirror single OBB directory between all users without requiring fancy bind mounts by letting a nodes graft in another part of the underlying tree. Move to everything having "sdcard_r" GID by default, and verify that calling apps hold "sdcard_rw" when performing mutations. Determines app group membership from new packages.list column. Flag to optionally enable sdcard_pics/sdcard_av permissions splitting. Flag to supply a default GID for all files. Ignore attempts to access security sensitive files. Fix run-as to check for new "package_info" GID. Change-Id: Id5f3680779109141c65fb8fa1daf56597f49ea0d
/system/core/run-as/package.c
|
46e8991209508a9f5d59bf97ed39b791444dbaf7 |
|
28-Mar-2013 |
Geremy Condra <gcondra@google.com> |
am f19e045c: am c8df252f: Merge "run-as: Get seinfo from packages.list and pass to libselinux." * commit 'f19e045c58dafbdc46e848ec5a5c935f472dea34': run-as: Get seinfo from packages.list and pass to libselinux.
|
fced3ded831cb084121b10a78c12de99c89004aa |
|
26-Mar-2013 |
Robert Craig <rpcraig@tycho.ncsc.mil> |
run-as: Get seinfo from packages.list and pass to libselinux. Change allows the proper seinfo value to be passed to libselinux to switch to the proper app security context before running the shell. Change-Id: I9d7ea47c920b1bc09a19008345ed7fd0aa426e87 Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
/system/core/run-as/package.c
|
080427e4e2b1b72718b660e16b6cf38b3a3c4e3f |
|
15-Feb-2013 |
Nick Kralevich <nnk@google.com> |
adb: drop capability bounding set on user builds run-as: don't require CAP_DAC_OVERRIDE. Prevent an adb spawned application from acquiring capabilities other than * CAP_NET_RAW * CAP_SETUID * CAP_SETGID The only privileged programs accessible on user builds are * /system/bin/ping * /system/bin/run-as and the capabilities above are sufficient to cover those two programs. If the kernel doesn't support file capabilities, we ignore a prctl(PR_CAPBSET_DROP) failure. In a future CL, this could become a fatal error. Change-Id: I45a56712bfda35b5ad9378dde9e04ab062fe691a
/system/core/run-as/package.c
|
4ae77160727f8b92d61028269d1f49ae16873a08 |
|
09-Feb-2012 |
Nick Kralevich <nnk@google.com> |
do more checks on packages.list Change-Id: I16d6eab5e674c860be915fde2da7877994bed314
/system/core/run-as/package.c
|
5792ce79cc79cd0eef9fadd6351521b128b4e85c |
|
27-Aug-2011 |
David 'Digit' Turner <digit@android.com> |
run-as: use mmap to read package list file This patch uses mmap() to read /data/system/packages.list This avoids depending on the size of a fixed static buffer which may happen to be too short for systems with a lot of packages installed. Also avoids calling malloc() which we don't want to trust here since run-as is a setuid program. Change-Id: I1d640a08b5d73af2fc80546b01c8d970c7f6b514
/system/core/run-as/package.c
|
93d81ef7a104ae9a229aca3c7c6da0445440213e |
|
06-Jun-2011 |
David 'Digit' Turner <digit@android.com> |
run-as: Bump the size of the internal packages list buffer. This patch increases the size of the internal buffer used by run-as to store the content of /data/system/packages.list from 8KB to 64KB. It has been reported that, on some systems, 8KB was too small. This resulted in a truncated file being loaded, and the inability to debug native applications properly (either because the application was not found in the list, or because the tool reported a 'corrupted installation' due to BAD_FORMAT issues when parsing the truncated file). See http://code.google.com/p/android/issues/detail?id=16391 Change-Id: I0c35a61b163c4abc6f1a2681adc0ef0d76493171
/system/core/run-as/package.c
|
1f4d95296acf34a93128332441782a80c10845b4 |
|
03-Mar-2010 |
David 'Digit' Turner <digit@google.com> |
Add 'run-as' command implementation as set-uid program. Typical usage is 'run-as <package-name> <command>' to run <command> in the data directory, and the user id, of <package-name> if, and only if <package-name> is the name of an installed and debuggable application. This relies on the /data/system/packages.list file generated by the PackageManager service. BEWARE: This is intended to be available on production devices !
/system/core/run-as/package.c
|