Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 195c73c9 authored by Nick Kralevich's avatar Nick Kralevich
Browse files

Set NO_NEW_PRIVS on zygote init 

When app_process/zygote starts, make sure PR_SET_NO_NEW_PRIVS is set.
This prevents zygote spawned apps from acquiring new privileges
on exec.

In particular, this allows the CTS test
android.os.cts.SecurityFeaturesTest#testNoNewPrivs() to pass if ART is set
as the default runtime.

Change-Id: I81139cda999c7b1430242561aad28f566e9b6da0
parent 5c220cc4
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment