From 4da604ba4e99619e4318f2aee952cffbd6c25ace Mon Sep 17 00:00:00 2001
From: Martijn Coenen
Date: Tue, 18 Aug 2020 15:34:15 +0200
Subject: [PATCH] Allow shell to write to /sdcard/Android/data and /sdcard/Android/obb.
On devices without sdcardfs, these are only writable by the owning UID, and/or the ext_data_rw/ext_obb_rw groups respectively.
Bug: 161134565
Bug: 162810387
Test: try to write to /sdcard/Android/data/ from shell uid
Change-Id: Idb4e07f967c8e888d95afa6c4a71595e0910ba0e
---
 adb/daemon/main.cpp | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/adb/daemon/main.cpp b/adb/daemon/main.cpp
index eb28668b9..8c41c5e2d 100644
--- a/adb/daemon/main.cpp
+++ b/adb/daemon/main.cpp
@@ -108,9 +108,12 @@ static void drop_privileges(int server_port) {
 // AID_NET_BW_STATS to read out qtaguid statistics
 // AID_READPROC for reading /proc entries across UID boundaries
 // AID_UHID for using 'hid' command to read/write to /dev/uhid
+ // AID_EXT_DATA_RW for writing to /sdcard/Android/data (devices without sdcardfs)
+ // AID_EXT_OBB_RW for writing to /sdcard/Android/obb (devices without sdcardfs)
 gid_t groups[] = {AID_ADB, AID_LOG, AID_INPUT, AID_INET, AID_NET_BT, AID_NET_BT_ADMIN, AID_SDCARD_R, AID_SDCARD_RW,
- AID_NET_BW_STATS, AID_READPROC, AID_UHID};
+ AID_NET_BW_STATS, AID_READPROC, AID_UHID, AID_EXT_DATA_RW,
+ AID_EXT_OBB_RW};
 minijail_set_supplementary_gids(jail.get(), arraysize(groups), groups);
 // Don't listen on a port (default 5037) if running in secure mode.
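Review bot: `AID_EXT_DATA_RW` and `AID_EXT_OBB_RW` are appended to `groups[]` unconditionally, although the two added comments say they matter only on devices without sdcardfs, so the shell's supplementary group set grows on every device. Per the commit message these groups are what makes Android/data and Android/obb writable to a non-owning UID, so the comment should state that scope, e.g. `// AID_EXT_DATA_RW for writing to any app's /sdcard/Android/data (needed only without sdcardfs, granted on all devices)`, and likewise for the obb line. If a check for sdcardfs is reachable from here (not visible in this hunk), gating the two entries on it would keep the group list minimal. `drop_privileges` begins and ends outside the hunk.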