Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 35fe1610 authored by Nick Kralevich's avatar Nick Kralevich Committed by android-build-merger
Browse files

Merge "init.rc: Lock down access to /proc/net/fib_trie" into oc-mr1-dev am: c3090ba2 

am: 566ae3eb

Change-Id: I1eac78bcfe0c8333722a511cdd99791e5139d4ea
parents ae796757 566ae3eb

rootdir/init.rc

+3 −0
Original line number Diff line number Diff line
@@ -148,6 +148,9 @@ on init 
    write /proc/sys/net/ipv4/conf/all/accept_redirects 0

    write /proc/sys/net/ipv6/conf/all/accept_redirects 0



    # /proc/net/fib_trie leaks interface IP addresses

    chmod 0400 /proc/net/fib_trie



    # Create cgroup mount points for process groups

    mkdir /dev/cpuctl

    mount cgroup none /dev/cpuctl cpu