Allow shell to write to /sdcard/Android/data and /sdcard/Android/obb.

On devices without sdcardfs, these are only writable by the owning UID, and/or the ext_data_rw/ext_obb_rw groups respectively. Bug: 161134565 Bug: 162810387 Test: try to write to /sdcard/Android/data/ from shell uid Change-Id: Idb4e07f967c8e888d95afa6c4a71595e0910ba0e
2020-08-18 15:34:15 +02:00 · 2020-08-18 15:34:15 +02:00 · 4da604ba4e
commit 4da604ba4e
parent 3d882d0536
1 changed files with 4 additions and 1 deletions
--- a/adb/daemon/main.cpp
+++ b/adb/daemon/main.cpp
@ -108,9 +108,12 @@ static void drop_privileges(int server_port) {
    // AID_NET_BW_STATS to read out qtaguid statistics
    // AID_READPROC for reading /proc entries across UID boundaries
    // AID_UHID for using 'hid' command to read/write to /dev/uhid
+    // AID_EXT_DATA_RW for writing to /sdcard/Android/data (devices without sdcardfs)
+    // AID_EXT_OBB_RW for writing to /sdcard/Android/obb (devices without sdcardfs)
    gid_t groups[] = {AID_ADB,          AID_LOG,          AID_INPUT,    AID_INET,
                      AID_NET_BT,       AID_NET_BT_ADMIN, AID_SDCARD_R, AID_SDCARD_RW,
-                      AID_NET_BW_STATS, AID_READPROC,     AID_UHID};
+                      AID_NET_BW_STATS, AID_READPROC,     AID_UHID,     AID_EXT_DATA_RW,
+                      AID_EXT_OBB_RW};
    minijail_set_supplementary_gids(jail.get(), arraysize(groups), groups);

    // Don't listen on a port (default 5037) if running in secure mode.