From 4ae77160727f8b92d61028269d1f49ae16873a08 Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Thu, 9 Feb 2012 11:22:33 -0800
Subject: [PATCH] do more checks on packages.list

Change-Id: I16d6eab5e674c860be915fde2da7877994bed314
---
 run-as/package.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/run-as/package.c b/run-as/package.c
index 8f1164620..143d647bf 100644
--- a/run-as/package.c
+++ b/run-as/package.c
@@ -89,6 +89,16 @@ map_file(const char* filename, size_t* filesize)
     if (ret < 0)
         goto EXIT;
 
+    /* Ensure that the file is owned by the system user */
+    if ((st.st_uid != AID_SYSTEM) || (st.st_gid != AID_SYSTEM)) {
+        goto EXIT;
+    }
+
+    /* Ensure that the file has sane permissions */
+    if ((st.st_mode & S_IWOTH) != 0) {
+        goto EXIT;
+    }
+
     /* Ensure that the size is not ridiculously large */
     length = (size_t)st.st_size;
     if ((off_t)length != st.st_size) {