Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d1387983 authored by Steven Moreland's avatar Steven Moreland
Browse files

Revert "libbinder: require shell/root UID for shell" 

This reverts commit f0f97d36.

Reason for revert: as requested by frameworks team: implementations of
    shell command should check permissions and calls to binder
    interfaces are already guarded by SELinux.

Bug: N/A
Test: N/A
Change-Id: I0f4181bb7f9fdb252644cbbcbcd099696ce150be
parent f0f97d36

libs/binder/Binder.cpp

+1 −17
Original line number Diff line number Diff line
@@ -17,15 +17,12 @@ 
#include <binder/Binder.h>



#include <atomic>

#include <utils/misc.h>

#include <binder/BpBinder.h>

#include <binder/IInterface.h>

#include <binder/IPCThreadState.h>

#include <binder/IResultReceiver.h>

#include <binder/IShellCallback.h>

#include <binder/Parcel.h>

#include <cutils/android_filesystem_config.h>

#include <cutils/compiler.h>

#include <utils/misc.h>



#include <stdio.h>
@@ -128,19 +125,6 @@ status_t BBinder::transact( 
{

    data.setDataPosition(0);



    // Shell command transaction is conventionally implemented by

    // overriding onTransact by copy/pasting the parceling code from

    // this file. So, we must check permissions for it before we call

    // onTransact. This check is here because shell APIs aren't

    // guaranteed to be stable, and so they should only be used by

    // developers.

    if (CC_UNLIKELY(code == SHELL_COMMAND_TRANSACTION)) {

        uid_t uid = IPCThreadState::self()->getCallingUid();

        if (uid != AID_SHELL && uid != AID_ROOT) {

            return PERMISSION_DENIED;

        }

    }



    status_t err = NO_ERROR;

    switch (code) {

        case PING_TRANSACTION: