commit | 2ef2606f5630df1ace06232ad57518fbdffee665 | [log] [tgz] |
---|---|---|
author | Zim <zezeozue@google.com> | Fri Jan 31 16:26:13 2020 +0000 |
committer | Zim <zezeozue@google.com> | Fri Jan 31 16:26:13 2020 +0000 |
tree | a56dd484a2c5b3dfd385667355d2f84b8da4c942 | |
parent | d345b883bcf4dd2e675b0c7e8227e6514c25f481 [diff] |
Harden /mnt/pass_through paths Only the FUSE daemon (with media_rw gid) needs access to paths on /mnt/pass_through. And even then, it only needs execute access on the dirs, since there will always be a bind mount either from sdcardfs or the lower filesystem on it and that bind mount correctly handles ACLs for the FUSE daemon. Test: manual Bug: 135341433 Change-Id: I999451e095da355e6247e9e18fb6fe1ab8fc45d6