
Commit f6f60c00 authored by Nick Kralevich

audioserver: drop inet group

The audioserver process is specifically prohibited from accessing the network.
See
https://android.googlesource.com/platform/system/sepolicy/+/7ca6fc8629d34b6be6ca99806814a78a5f6e2b31/private/audioserver.te#91
line 91

  # Media processing code is inherently risky and thus should have limited
  # permissions and be isolated from the rest of the system and network.
  # Lengthier explanation here:
  # https://android-developers.googleblog.com/2016/05/hardening-media-stack.html
  neverallow audioserver domain:{ tcp_socket udp_socket rawip_socket } *;

Since SELinux doesn't allow audioserver to access tcp/udp sockets, it
doesn't make any sense to have audioserver be in the inet group.

Discovered while reviewing
https://android-review.googlesource.com/c/platform/frameworks/base/+/968497

Similarly, I suspect other groups listed here are also unnecessary and
can be cleaned up in a future commit.

Test: compiles and boots
Change-Id: Ic331f301565aee911de30322dd4c3811529597ee
parent e066f91c
+1 −1
@@ -2,7 +2,7 @@ service audioserver /system/bin/audioserver
    class core
    user audioserver
    # media gid needed for /dev/fm (radio) and for /data/misc/media (tee)
    group audio camera drmrpc inet media mediadrm net_bt net_bt_admin net_bw_acct wakelock
    group audio camera drmrpc media mediadrm net_bt net_bt_admin net_bw_acct wakelock
    capabilities BLOCK_SUSPEND
    ioprio rt 4
    writepid /dev/cpuset/foreground/tasks /dev/stune/foreground/tasks
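
Review bot: The group line still carries net_bt, net_bt_admin and net_bw_acct with no stated reason, while the only comment above it justifies just the media gid. Since the commit message already suspects other groups are unnecessary, the follow-up should either audit each remaining gid against what audioserver actually opens and drop the unused ones, or extend the comment so every supplementary group has a one-line justification the way media does. Separately, "Test: compiles and boots" does not exercise any audio path; a playback and record check with the log watched for new denials would give better evidence that nothing depended on the inet gid.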