dumpstate: don't follow symlinks when creating /data/anr/traces.txt
Make Android more robust against symlink attacks when /data/anr
is world-writable.
Bug: 5614000
Change-Id: I9a7e4c4ec9aa4300ac30a968db0dcd276f364ab6
diff --git a/cmds/dumpstate/utils.c b/cmds/dumpstate/utils.c
index 25505f8..4556505 100644
--- a/cmds/dumpstate/utils.c
+++ b/cmds/dumpstate/utils.c
@@ -383,7 +383,7 @@
}
/* create a new, empty traces.txt file to receive stack dumps */
- int fd = open(traces_path, O_CREAT | O_WRONLY | O_TRUNC, 0666); /* -rw-rw-rw- */
+ int fd = open(traces_path, O_CREAT | O_WRONLY | O_TRUNC | O_NOFOLLOW, 0666); /* -rw-rw-rw- */
if (fd < 0) {
fprintf(stderr, "%s: %s\n", traces_path, strerror(errno));
return NULL;
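Review bot: O_NOFOLLOW on the new `open()` call only refuses a symlink as the final path component, so a hard link or any other pre-existing file at `traces_path` is still opened and truncated through `O_TRUNC`. If the code above this hunk has already moved the old traces file out of the way (not visible here), exclusive creation would close that gap: `int fd = open(traces_path, O_CREAT | O_WRONLY | O_EXCL | O_NOFOLLOW, 0666);`. A short comment on the line would also keep the flag from being dropped in a later cleanup, for example `/* O_NOFOLLOW: /data/anr may be world-writable; open() fails with ELOOP if traces_path is a symlink */`. The enclosing function starts and ends outside the hunk, so whether callers handle the new failure case beyond the `NULL` return cannot be checked from here.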