Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 6a70ded7 authored by Mark Salyzyn's avatar Mark Salyzyn
Browse files

logd: clear DUMPABLE 

Do not allow anyone to see logd memory.

Test: gTest logd-unit-tests, liblog-unit-tests and logcat-unit-tests
Bug: 32450474
Change-Id: Ic7377efcb7e1d3cd91b50741061037a0fb589045
parent 3a724a8f

logd/main.cpp

+5 −0
Original line number Diff line number Diff line
@@ -106,6 +106,11 @@ static int drop_privs() { 
        return -1;

    }



    if (prctl(PR_SET_DUMPABLE, 0) < 0) {

        android::prdebug("failed to clear PR_SET_DUMPABLE");

        return -1;

    }



    gid_t groups[] = { AID_READPROC };

    ScopedMinijail j(minijail_new());

    minijail_set_supplementary_gids(j.get(), arraysize(groups), groups);