ACPR/android_system_core
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
14474 commits 1 branch 0 tags 217 MiB
Find a file
Jeff Sharkey b9f438ff84 Protect runtime storage mount points. 
We have a bunch of magic that mounts the correct view of storage
access based on the runtime permissions of an app, but we forgot to
protect the real underlying data sources; oops.

This series of changes just bumps the directory heirarchy one level
to give us /mnt/runtime which we can mask off as 0700 to prevent
people from jumping to the exposed internals.

Also add CTS tests to verify that we're protecting access to
internal mount points like this.

Bug: 22964288
Change-Id: I32068e63a3362b37e8ebca1418f900bb8537b498
2015-08-06 11:45:31 -07:00
adb fs_config: replace getenv('OUT') by new fs_config parameter 2015-07-09 21:47:07 -07:00
adf libadf: enable -Werror 2015-03-10 15:14:38 -07:00
base Fix comparison between signed and unsigned error on darwin 2015-06-09 12:44:41 -07:00
cpio fs_config: replace getenv('OUT') by new fs_config parameter 2015-07-09 21:47:07 -07:00
debuggerd Change the 64 bit map address format. 2015-06-03 12:12:31 -07:00
fastboot Add a working Windows tmpfile(3) to fastboot. 2015-06-05 13:28:44 -07:00
fingerprintd Fingerprint: Add HAL close() code 2015-07-10 16:26:32 -07:00
fs_mgr fs_config: replace getenv('OUT') by new fs_config parameter 2015-07-09 21:47:07 -07:00
gatekeeperd Merge "[gatekeeperd] fix use of uninitialized memory" into mnc-dev 2015-07-10 17:20:31 +00:00
gpttool gpttool: turn on -Werror 2014-05-05 10:30:04 -07:00
healthd resolved conflicts for merge of 6e9b28b2 to master 2015-04-15 12:15:00 -07:00
include Merge "graphics: update flexible YUV format gralloc requirement" into mnc-dev 2015-07-14 19:42:24 +00:00
init Revert "Change init sequence to support file level encryption" 2015-07-07 17:05:58 +00:00
libbacktrace Remove PtraceRead error message. 2015-06-12 23:32:20 -07:00
libcutils fs_config: replace getenv('OUT') by new fs_config parameter 2015-07-09 21:47:07 -07:00
libdiskconfig am eb075e28: am c8179498: am 2f62edf7: Merge "libdiskconfig: Turn on -Werror" 2014-05-21 21:19:27 +00:00
libion am 8d2cd035: am 2ddb9cb1: am ed43be39: Merge "Remove LOCAL_ADDITIONAL_DEPENDENCIES in cases where it\'s not needed." 2015-04-02 22:07:16 +00:00
liblog liblog: __android_log_is_loggable support global properties 2015-06-15 07:34:07 -07:00
libmemtrack Add missing <malloc.h> and <string.h> includes. 2015-01-28 11:37:57 -08:00
libmincrypt Enable clang compilation. 2015-05-15 16:13:19 -07:00
libnativebridge LibNativeBridge: Version 2 2015-05-31 16:58:24 -07:00
libnetutils am f91c0664: am 421d01c8: am d4196ef8: Merge "Add a command to call libnetutils\' do_dhcp." 2015-04-22 03:32:13 +00:00
libpixelflinger pixelflinger: make self-contained 2015-03-19 12:34:35 -07:00
libprocessgroup processgroup: change the polling interval for killProcessGroup() 2015-06-16 13:59:32 -07:00
libsparse libsparse: move_chunks_up_to_len() does not account skip chunks 2015-04-08 10:10:17 +02:00
libsuspend Adds a parameter to the wakeup_callback to report sucessful wakeup or suspend aborts. 2015-06-25 13:15:22 -07:00
libsync Remove LOCAL_ADDITIONAL_DEPENDENCIES in cases where it's not needed. 2015-04-02 14:31:07 -07:00
libsysutils Fix incorrectly sized buffer. 2015-07-28 17:56:06 +09:00
libusbhost libusbhost: Fix problem reading USB string descriptors on some quirky devices 2015-06-18 13:38:31 -07:00
libutils Merge "Work around spurious epoll notifications." into mnc-dev 2015-05-30 00:43:10 +00:00
libziparchive Add |optional_suffix| to StartIteration() 2015-06-23 17:31:16 -07:00
lmkd Lmkd: Fix unused variables 2014-11-24 20:32:42 -08:00
logcat Lower the priority of the threads in logd/logcat. 2015-06-09 12:36:45 -07:00
logd logd: allow logd to write to /dev/cpuset files 2015-07-24 16:22:06 +00:00
logwrapper Put in line breaks when logging to klog 2015-02-03 17:06:33 +00:00
mkbootimg Merge changes Iac33dbaa,I18fcd37d into mnc-dev 2015-05-08 15:00:14 +00:00
reboot reboot: Turn on -Werror 2014-05-21 12:58:38 -07:00
rootdir Protect runtime storage mount points. 2015-08-06 11:45:31 -07:00
run-as Extend run-as with optional --user argument. 2015-06-10 12:09:10 -07:00
sdcard Protect runtime storage mount points. 2015-08-06 11:45:31 -07:00
toolbox Revert "Switch to toybox ls." 2015-05-15 23:31:08 -07:00
tzdatacheck Executable to run on boot that removes old tzdata if needed 2015-04-13 11:38:32 +01:00
.gitignore Don't compile abort_socket.c for host targets. It is only intended to run on Linux targets. 2009-05-26 13:23:23 -07:00
Android.mk Remove the simulator target from all makefiles. 2011-07-11 22:12:32 -07:00
CleanSpec.mk Add a CleanSpec for grep/toolbox. 2015-03-22 18:04:54 -07:00
MODULE_LICENSE_APACHE2 auto import from //depot/cupcake/@135843 2013-07-30 13:56:49 -07:00
NOTICE Fix omission in NOTICE file. 2013-07-30 13:56:55 -07:00