Loading cmds/installd/utils.c +6 −29 Original line number Original line Diff line number Diff line Loading @@ -1036,50 +1036,27 @@ int ensure_config_user_dirs(userid_t userid) { int create_profile_file(const char *pkgname, gid_t gid) { int create_profile_file(const char *pkgname, gid_t gid) { const char *profile_dir = DALVIK_CACHE_PREFIX "profiles"; const char *profile_dir = DALVIK_CACHE_PREFIX "profiles"; struct stat profileStat; char profile_file[PKG_PATH_MAX]; char profile_file[PKG_PATH_MAX]; // If we don't have a profile directory under dalvik-cache we need to create one. if (stat(profile_dir, &profileStat) < 0) { // Create the profile directory under dalvik-cache. if (mkdir(profile_dir, 0711) < 0) { ALOGE("cannot make profile dir '%s': %s\n", profile_dir, strerror(errno)); return -1; } // Make the profile directory write-only for group and other. Owner can rwx it. if (chmod(profile_dir, 0711) < 0) { ALOGE("cannot chown profile dir '%s': %s\n", profile_dir, strerror(errno)); rmdir(profile_dir); return -1; } if (selinux_android_restorecon(profile_dir, 0) < 0) { ALOGE("cannot restorecon profile dir '%s': %s\n", profile_dir, strerror(errno)); rmdir(profile_dir); return -1; } } snprintf(profile_file, sizeof(profile_file), "%s/%s", profile_dir, pkgname); snprintf(profile_file, sizeof(profile_file), "%s/%s", profile_dir, pkgname); // The 'system' user needs to be able to read the profile to determine if dex2oat // The 'system' user needs to be able to read the profile to determine if dex2oat // needs to be run. This is done in dalvik.system.DexFile.isDexOptNeededInternal(). So // needs to be run. This is done in dalvik.system.DexFile.isDexOptNeededInternal(). So // we make it world readable. Not a problem since the dalvik cache is world // we assign ownership to AID_SYSTEM and ensure it's not world-readable. // readable anyway. int fd = open(profile_file, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0664); int fd = open(profile_file, O_WRONLY | O_CREAT | O_NOFOLLOW | O_CLOEXEC, 0660); // Open will fail if the file already exists. We want to ignore that. // Always set the uid/gid/permissions. The file could have been previously created // with different permissions. if (fd >= 0) { if (fd >= 0) { if (fchown(fd, -1, gid) < 0) { if (fchown(fd, AID_SYSTEM, gid) < 0) { ALOGE("cannot chown profile file '%s': %s\n", profile_file, strerror(errno)); ALOGE("cannot chown profile file '%s': %s\n", profile_file, strerror(errno)); close(fd); close(fd); unlink(profile_file); unlink(profile_file); return -1; return -1; } } if (fchmod(fd, 0664) < 0) { if (fchmod(fd, 0660) < 0) { ALOGE("cannot chmod profile file '%s': %s\n", profile_file, strerror(errno)); ALOGE("cannot chmod profile file '%s': %s\n", profile_file, strerror(errno)); close(fd); close(fd); unlink(profile_file); unlink(profile_file); Loading Loading
cmds/installd/utils.c +6 −29 Original line number Original line Diff line number Diff line Loading @@ -1036,50 +1036,27 @@ int ensure_config_user_dirs(userid_t userid) { int create_profile_file(const char *pkgname, gid_t gid) { int create_profile_file(const char *pkgname, gid_t gid) { const char *profile_dir = DALVIK_CACHE_PREFIX "profiles"; const char *profile_dir = DALVIK_CACHE_PREFIX "profiles"; struct stat profileStat; char profile_file[PKG_PATH_MAX]; char profile_file[PKG_PATH_MAX]; // If we don't have a profile directory under dalvik-cache we need to create one. if (stat(profile_dir, &profileStat) < 0) { // Create the profile directory under dalvik-cache. if (mkdir(profile_dir, 0711) < 0) { ALOGE("cannot make profile dir '%s': %s\n", profile_dir, strerror(errno)); return -1; } // Make the profile directory write-only for group and other. Owner can rwx it. if (chmod(profile_dir, 0711) < 0) { ALOGE("cannot chown profile dir '%s': %s\n", profile_dir, strerror(errno)); rmdir(profile_dir); return -1; } if (selinux_android_restorecon(profile_dir, 0) < 0) { ALOGE("cannot restorecon profile dir '%s': %s\n", profile_dir, strerror(errno)); rmdir(profile_dir); return -1; } } snprintf(profile_file, sizeof(profile_file), "%s/%s", profile_dir, pkgname); snprintf(profile_file, sizeof(profile_file), "%s/%s", profile_dir, pkgname); // The 'system' user needs to be able to read the profile to determine if dex2oat // The 'system' user needs to be able to read the profile to determine if dex2oat // needs to be run. This is done in dalvik.system.DexFile.isDexOptNeededInternal(). So // needs to be run. This is done in dalvik.system.DexFile.isDexOptNeededInternal(). So // we make it world readable. Not a problem since the dalvik cache is world // we assign ownership to AID_SYSTEM and ensure it's not world-readable. // readable anyway. int fd = open(profile_file, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0664); int fd = open(profile_file, O_WRONLY | O_CREAT | O_NOFOLLOW | O_CLOEXEC, 0660); // Open will fail if the file already exists. We want to ignore that. // Always set the uid/gid/permissions. The file could have been previously created // with different permissions. if (fd >= 0) { if (fd >= 0) { if (fchown(fd, -1, gid) < 0) { if (fchown(fd, AID_SYSTEM, gid) < 0) { ALOGE("cannot chown profile file '%s': %s\n", profile_file, strerror(errno)); ALOGE("cannot chown profile file '%s': %s\n", profile_file, strerror(errno)); close(fd); close(fd); unlink(profile_file); unlink(profile_file); return -1; return -1; } } if (fchmod(fd, 0664) < 0) { if (fchmod(fd, 0660) < 0) { ALOGE("cannot chmod profile file '%s': %s\n", profile_file, strerror(errno)); ALOGE("cannot chmod profile file '%s': %s\n", profile_file, strerror(errno)); close(fd); close(fd); unlink(profile_file); unlink(profile_file); Loading
