Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 5e801e7b authored by Lorenzo Colitti's avatar Lorenzo Colitti
Browse files

Make the xtables lock readable only by AID_RADIO and root. 

Anyone who can read this file can call flock(..., LOCK_EX) on it,
thereby blocking any future iptables commands from running.
Restrict it to user AID_RADIO, which includes device-specific
network management daemons, and group root.

Bug: 36108349
Test: see https://android-review.googlesource.com/#/c/348939/
Change-Id: I4dae4b5a835fabdc1a61a330e0446b39651f8156
parent 2a54ae97
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment