Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit aebb65cb authored Nov 24, 2014 by Jeff Sharkey

package_info GID shouldn't have write.

Fix permissions on packages.list and package-usage.list to only
allow read access from the package_info GID.

Bug: 18473765
Change-Id: I9b9ef13f4a00a8355619bbcdacc836f9abfa0376

parent dbea3cd1

services/core/java/com/android/server/pm/PackageManagerService.java

+1 −1

Original line number	Diff line number	Diff line
		@@ -648,7 +648,7 @@ public class PackageManagerService extends IPackageManager.Stub {
		try {
		f = file.startWrite();
		BufferedOutputStream out = new BufferedOutputStream(f);
		FileUtils.setPermissions(file.getBaseFile().getPath(), 0660, SYSTEM_UID, PACKAGE_INFO_GID);
		FileUtils.setPermissions(file.getBaseFile().getPath(), 0640, SYSTEM_UID, PACKAGE_INFO_GID);
		StringBuilder sb = new StringBuilder();
		for (PackageParser.Package pkg : mPackages.values()) {
		if (pkg.mLastPackageUsageTimeInMills == 0) {

services/core/java/com/android/server/pm/Settings.java

+2 −2

Original line number	Diff line number	Diff line
		@@ -271,7 +271,7 @@ final class Settings {
		mSettingsFilename = new File(mSystemDir, "packages.xml");
		mBackupSettingsFilename = new File(mSystemDir, "packages-backup.xml");
		mPackageListFilename = new File(mSystemDir, "packages.list");
		FileUtils.setPermissions(mPackageListFilename, 0660, SYSTEM_UID, PACKAGE_INFO_GID);
		FileUtils.setPermissions(mPackageListFilename, 0640, SYSTEM_UID, PACKAGE_INFO_GID);

		// Deprecated: Needed for migration
		mStoppedPackagesFilename = new File(mSystemDir, "packages-stopped.xml");
		@@ -1651,7 +1651,7 @@ final class Settings {
		fstr = new FileOutputStream(writeTarget);
		str = new BufferedOutputStream(fstr);
		try {
		FileUtils.setPermissions(fstr.getFD(), 0660, SYSTEM_UID, PACKAGE_INFO_GID);
		FileUtils.setPermissions(fstr.getFD(), 0640, SYSTEM_UID, PACKAGE_INFO_GID);

		StringBuilder sb = new StringBuilder();
		for (final PackageSetting pkg : mPackages.values()) {