ACPR/android_system_core
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

vold: Change VFAT mount options to enable sdcard write restrictions

Browse source 
Signed-off-by: San Mehat <san@google.com>
This commit is contained in:
San Mehat 2009-05-18 12:59:13 -07:00
parent 7edc4f9454
commit b76a63b7bb
1 changed files with 9 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
vold/volmgr_vfat.c
View file

@ -118,15 +118,22 @@ int vfat_mount(blkdev_t *dev, volume_t *vol, boolean safe_mode)
flags |= MS_REMOUNT; flags |= MS_REMOUNT;
} }
/*
* The mount masks restrict access so that:
* 1. The 'system' user cannot access the SD card at all -
* (protects system_server from grabbing file references)
* 2. Group users can RWX
* 3. Others can only RX
*/
rc = mount(devpath, vol->mount_point, "vfat", flags, rc = mount(devpath, vol->mount_point, "vfat", flags,
"utf8,uid=1000,gid=1000,fmask=711,dmask=700,shortname=mixed"); "utf8,uid=1000,gid=1015,fmask=702,dmask=702,shortname=mixed");
if (rc && errno == EROFS) { if (rc && errno == EROFS) {
LOGE("vfat_mount(%d:%d, %s): Read only filesystem - retrying mount RO", LOGE("vfat_mount(%d:%d, %s): Read only filesystem - retrying mount RO",
dev->major, dev->minor, vol->mount_point); dev->major, dev->minor, vol->mount_point);
flags |= MS_RDONLY; flags |= MS_RDONLY;
rc = mount(devpath, vol->mount_point, "vfat", flags, rc = mount(devpath, vol->mount_point, "vfat", flags,
"utf8,uid=1000,gid=1000,fmask=711,dmask=700,shortname=mixed"); "utf8,uid=1000,gid=1015,fmask=702,dmask=702,shortname=mixed");
} }
#if VFAT_DEBUG #if VFAT_DEBUG