Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5fa90a06 authored by Arve Hjønnevåg's avatar Arve Hjønnevåg Committed by Feng Yu
Browse files

ServiceManager: Restore basic uid check 

Prevent apps from registering services without relying on selinux checks.

Bug: 29431260

Change-Id: I38c6e8bc7f7cba1cbd3568e8fed1ae7ac2054a9b
parent 5e703a6a

cmds/servicemanager/service_manager.c

+5 −0
Original line number Diff line number Diff line
@@ -121,6 +121,11 @@ static bool check_mac_perms_from_lookup(pid_t spid, uid_t uid, const char *perm, 
static int svc_can_register(const uint16_t *name, size_t name_len, pid_t spid, uid_t uid)

{

    const char *perm = "add";



    if (uid >= AID_APP) {

        return 0; /* Don't allow apps to register services */

    }



    return check_mac_perms_from_lookup(spid, uid, perm, str8(name, name_len)) ? 1 : 0;

}