From ce135a67af198cb6ad97a6e367b2351cf952cfd5 Mon Sep 17 00:00:00 2001 From: David Anderson Date: Wed, 11 Apr 2018 12:29:54 -0700 Subject: [PATCH] storaged: lower capabilities in init Lower storaged's capabilities to DAC_READ_SEARCH as an initial step toward running it non-root. Bug: 77634061 Test: storaged still runs and its /proc/pid/status has lower CapPrms Exempt-From-Owner-Approval: stale OWNERS no longer in org Change-Id: Ibfe0349fc059e2f37efba33f587176e8ce6be9fe Merged-In: Ibfe0349fc059e2f37efba33f587176e8ce6be9fe --- storaged/storaged.rc | 1 + 1 file changed, 1 insertion(+) diff --git a/storaged/storaged.rc b/storaged/storaged.rc index 1840d053a..0614fadd1 100644 --- a/storaged/storaged.rc +++ b/storaged/storaged.rc @@ -1,5 +1,6 @@ service storaged /system/bin/storaged class main + capabilities DAC_READ_SEARCH priority 10 file /d/mmc0/mmc0:0001/ext_csd r writepid /dev/cpuset/system-background/tasks