Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit bb8b4814 authored by Nick Kralevich's avatar Nick Kralevich
Browse files

Am.java: Use write-only file descriptors 

Use write only file descriptors for am commands. Having read-write
file descriptors isn't needed, and not all SELinux app domains have
read access to /data/local/tmp file descriptors.

Addresses the following denial:

  avc: denied { read } for path="/data/local/tmp/foo" dev="dm-2"
  ino=654084 scontext=u:r:system_app:s0
  tcontext=u:object_r:shell_data_file:s0 tclass=file permissive=0

Steps to reproduce:

  adb shell ps | grep settings
  adb shell am dumpheap PID_FROM_ABOVE /data/local/tmp/settings.hat

Expected:
1) command works

Actual:
1) SELinux denial and no settings.hat output.

Bug: 27472701
Change-Id: Id8df0c5a41046b405444e14c70075c986d9936c3
parent 2e54da0d
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment