netd: reduce privileges
netd doesn't need full root capabilities. Rather, it only needs CAP_NET_ADMIN and CAP_NET_RAW. Reduce the capabilities to that set. netd continues to run with UID=0, which allows applications spawned by netd to continue to have CAP_NET_ADMIN and CAP_NET_RAW. It also allows netd to access /proc and /sys files as UID=0. Change-Id: I439d22150109697213c0cc83276ddb668007b978
Loading
Please register or sign in to comment