Merge "adbd: unconditionally call setgroups"
This commit is contained in:
Nick Kralevich
Gerrit Code Review
commit
4e6aa6a227
1 changed files with 18 additions and 18 deletions
36
adb/adb.c
36
adb/adb.c
|
|
@ -1344,29 +1344,29 @@ int adb_main(int is_daemon, int server_port)
|
||||||
" unchanged.\n");
|
" unchanged.\n");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* add extra groups:
|
||||||
|
** AID_ADB to access the USB driver
|
||||||
|
** AID_LOG to read system logs (adb logcat)
|
||||||
|
** AID_INPUT to diagnose input issues (getevent)
|
||||||
|
** AID_INET to diagnose network issues (netcfg, ping)
|
||||||
|
** AID_GRAPHICS to access the frame buffer
|
||||||
|
** AID_NET_BT and AID_NET_BT_ADMIN to diagnose bluetooth (hcidump)
|
||||||
|
** AID_SDCARD_R to allow reading from the SD card
|
||||||
|
** AID_SDCARD_RW to allow writing to the SD card
|
||||||
|
** AID_NET_BW_STATS to read out qtaguid statistics
|
||||||
|
*/
|
||||||
|
gid_t groups[] = { AID_ADB, AID_LOG, AID_INPUT, AID_INET, AID_GRAPHICS,
|
||||||
|
AID_NET_BT, AID_NET_BT_ADMIN, AID_SDCARD_R, AID_SDCARD_RW,
|
||||||
|
AID_NET_BW_STATS };
|
||||||
|
if (setgroups(sizeof(groups)/sizeof(groups[0]), groups) != 0) {
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
/* don't listen on a port (default 5037) if running in secure mode */
|
/* don't listen on a port (default 5037) if running in secure mode */
|
||||||
/* don't run as root if we are running in secure mode */
|
/* don't run as root if we are running in secure mode */
|
||||||
if (should_drop_privileges()) {
|
if (should_drop_privileges()) {
|
||||||
drop_capabilities_bounding_set_if_needed();
|
drop_capabilities_bounding_set_if_needed();
|
||||||
|
|
||||||
/* add extra groups:
|
|
||||||
** AID_ADB to access the USB driver
|
|
||||||
** AID_LOG to read system logs (adb logcat)
|
|
||||||
** AID_INPUT to diagnose input issues (getevent)
|
|
||||||
** AID_INET to diagnose network issues (netcfg, ping)
|
|
||||||
** AID_GRAPHICS to access the frame buffer
|
|
||||||
** AID_NET_BT and AID_NET_BT_ADMIN to diagnose bluetooth (hcidump)
|
|
||||||
** AID_SDCARD_R to allow reading from the SD card
|
|
||||||
** AID_SDCARD_RW to allow writing to the SD card
|
|
||||||
** AID_NET_BW_STATS to read out qtaguid statistics
|
|
||||||
*/
|
|
||||||
gid_t groups[] = { AID_ADB, AID_LOG, AID_INPUT, AID_INET, AID_GRAPHICS,
|
|
||||||
AID_NET_BT, AID_NET_BT_ADMIN, AID_SDCARD_R, AID_SDCARD_RW,
|
|
||||||
AID_NET_BW_STATS };
|
|
||||||
if (setgroups(sizeof(groups)/sizeof(groups[0]), groups) != 0) {
|
|
||||||
exit(1);
|
|
||||||
}
|
|
||||||
|
|
||||||
/* then switch user and group to "shell" */
|
/* then switch user and group to "shell" */
|
||||||
if (setgid(AID_SHELL) != 0) {
|
if (setgid(AID_SHELL) != 0) {
|
||||||
exit(1);
|
exit(1);
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue