init.rc: Add nodev,noexec,nosuid to /config This change adds some additional flags to the /config mount. This is to reduce the number of mounts with unnecessary privileges. Bug: 73255020 Test: aosp_sailfish still boots Test: CtsAppSecurityHostTestCases {ExternalStorageHostTest,StorageHostTest} Merged-In: If3409d917cdf76a67ebfb7c4035a3ae8fee6189f Change-Id: If3409d917cdf76a67ebfb7c4035a3ae8fee6189f

commit: 4ecaa7bd02ed99135ce42c60e36937fcbb3322c8 [log] [tgz]
author: Luis Hector Chavez <lhchavez@google.com> Wed Feb 14 08:35:01 2018 -0800
committer: Luis Hector Chavez <lhchavez@google.com> Wed Feb 14 20:58:56 2018 +0000
tree: f40ab09bdfed3f77e80eb1f1004c9ae59055892c
parent: f139b6d6eec85ed541e8161c2ba4c084c47e01cf [diff]
diff --git a/rootdir/init.rc b/rootdir/init.rc
index f008c17..0bed51b 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc

@@ -85,7 +85,7 @@
     mount tmpfs tmpfs /mnt mode=0755,uid=0,gid=1000
     restorecon_recursive /mnt
 
-    mount configfs none /config
+    mount configfs none /config nodev noexec nosuid
     chmod 0775 /config/sdcardfs
     chown system package_info /config/sdcardfs
commit	4ecaa7bd02ed99135ce42c60e36937fcbb3322c8	[log] [tgz]
author	Luis Hector Chavez <lhchavez@google.com>	Wed Feb 14 08:35:01 2018 -0800
committer	Luis Hector Chavez <lhchavez@google.com>	Wed Feb 14 20:58:56 2018 +0000
tree	f40ab09bdfed3f77e80eb1f1004c9ae59055892c
parent	f139b6d6eec85ed541e8161c2ba4c084c47e01cf [diff]