ACPR/android_system_core
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge "Set groups before dropping privileges."

Browse source 
am: f34304019d

* commit 'f34304019d464de0c03fe62ca7fd9e158afb598c':
  Set groups before dropping privileges.

Change-Id: If5396c913cfed13c01bd06d6a5d781439e5f6876
This commit is contained in:
Christopher Ferris 2016-05-06 01:14:16 +00:00 committed by android-build-merger
commit 66c17d54e2
1 changed files with 10 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
debuggerd/debuggerd.cpp
View file

@ -511,13 +511,21 @@ static bool perform_dump(const debugger_request_t& request, int fd, int tombston
}
static bool drop_privileges() {
// AID_LOG: for reading the logs data associated with the crashing process.
// AID_READPROC: for reading /proc/<PID>/{comm,cmdline}.
gid_t groups[] = { AID_DEBUGGERD, AID_LOG, AID_READPROC };
if (setgroups(sizeof(groups)/sizeof(groups[0]), groups) != 0) {
ALOGE("debuggerd: failed to setgroups: %s", strerror(errno));
return false;
}
if (setresgid(AID_DEBUGGERD, AID_DEBUGGERD, AID_DEBUGGERD) != 0) {
ALOGE("debuggerd: failed to setresgid");
ALOGE("debuggerd: failed to setresgid: %s", strerror(errno));
return false;
}
if (setresuid(AID_DEBUGGERD, AID_DEBUGGERD, AID_DEBUGGERD) != 0) {
ALOGE("debuggerd: failed to setresuid");
ALOGE("debuggerd: failed to setresuid: %s", strerror(errno));
return false;
}