Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 53842f8a authored by Nick Kralevich's avatar Nick Kralevich
Browse files

relax /system/bin directory permissions 

In commit f4fc922f, we tightened the
permissions on various bin directories. Please see
https://android-review.googlesource.com/c/platform/system/core/+/822955
for details.

This change causes the Chase banking app to crash. This is because
the Chase app is using inotify_add_watch() on the /system/bin directory
and not checking the return value.

The Android Security model guarantees the immutability of files in
/system/bin, so the inotify watch is unnecessary.

Until the Chase app fixes their bug, we need to relax the permissions on
the /system/bin directory. Conceptually, this is a partial revert of
f4fc922f.

Bug: 119605322
Test: compiles
Change-Id: Ic72dd24cb27cff677093963bdfd0ae09bf132e08
parent 41216e59

libcutils/fs_config.cpp

+1 −1
Original line number Diff line number Diff line
@@ -84,7 +84,7 @@ static const struct fs_path_config android_dirs[] = { 
    { 00750, AID_ROOT,         AID_SHELL,        0, "sbin" },

    { 00777, AID_ROOT,         AID_ROOT,         0, "sdcard" },

    { 00751, AID_ROOT,         AID_SDCARD_R,     0, "storage" },

    { 00751, AID_ROOT,         AID_SHELL,        0, "system/bin" },

    { 00755, AID_ROOT,         AID_SHELL,        0, "system/bin" },

    { 00755, AID_ROOT,         AID_ROOT,         0, "system/etc/ppp" },

    { 00755, AID_ROOT,         AID_SHELL,        0, "system/vendor" },

    { 00751, AID_ROOT,         AID_SHELL,        0, "system/xbin" },