libc: use more secure system properties if available Currently, system properties are passed via the environment variable ANDROID_PROPERTY_WORKSPACE and a file descriptor passed from parent to child. This is insecure for setuid executables, as the environment variable can be changed by the caller. Modify system property handling so that we get the properties from a root owned properties file, rather than using an environment variable. Fall back to the environment variable if the file doesn't exist. Bug: 8045561 Change-Id: I54f3efa98cf7d63d88788da5ce0d19e34fd7851a

commit: 32417fb37642a1f975ec107e6b449ba71196db56 [log] [tgz]
author: Nick Kralevich <nnk@google.com> Wed Jan 23 09:28:35 2013 -0800
committer: Nick Kralevich <nnk@google.com> Wed Jan 23 09:28:35 2013 -0800
tree: 2a10ccaed29dd6ba733b4338d72fdb786633255f
parent: 778a68e1e57408be04806b5bfc3150aade44bcbf [diff] [blame]
diff --git a/libc/include/sys/_system_properties.h b/libc/include/sys/_system_properties.h
index 42a7f6c..10c0fae 100644
--- a/libc/include/sys/_system_properties.h
+++ b/libc/include/sys/_system_properties.h

@@ -41,6 +41,7 @@
 #define PROP_AREA_VERSION 0x45434f76
 
 #define PROP_SERVICE_NAME "property_service"
+#define PROP_FILENAME "/dev/__properties__"
 
 /* #define PROP_MAX_ENTRIES 247 */
 /* 247 -> 32620 bytes (<32768) */
commit	32417fb37642a1f975ec107e6b449ba71196db56	[log] [tgz]
author	Nick Kralevich <nnk@google.com>	Wed Jan 23 09:28:35 2013 -0800
committer	Nick Kralevich <nnk@google.com>	Wed Jan 23 09:28:35 2013 -0800
tree	2a10ccaed29dd6ba733b4338d72fdb786633255f
parent	778a68e1e57408be04806b5bfc3150aade44bcbf [diff] [blame]