Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit e5cbf4e0 authored by Nick Kralevich's avatar Nick Kralevich
Browse files

adbd: unconditionally call setgroups

We should ensure that the appropriate supplementary groups are
set, regardless of whether we're running UID=0 or UID=shell.

Change-Id: I3a1624a574102be08176a41f9c7eb5f82af2b3e5
parent 0ef3fa24
Loading
Loading
Loading
Loading
+18 −18
Original line number Diff line number Diff line
@@ -1344,11 +1344,6 @@ int adb_main(int is_daemon, int server_port)
          " unchanged.\n");
    }

    /* don't listen on a port (default 5037) if running in secure mode */
    /* don't run as root if we are running in secure mode */
    if (should_drop_privileges()) {
        drop_capabilities_bounding_set_if_needed();

    /* add extra groups:
    ** AID_ADB to access the USB driver
    ** AID_LOG to read system logs (adb logcat)
@@ -1367,6 +1362,11 @@ int adb_main(int is_daemon, int server_port)
        exit(1);
    }

    /* don't listen on a port (default 5037) if running in secure mode */
    /* don't run as root if we are running in secure mode */
    if (should_drop_privileges()) {
        drop_capabilities_bounding_set_if_needed();

        /* then switch user and group to "shell" */
        if (setgid(AID_SHELL) != 0) {
            exit(1);