Gitiles
Code Review Sign In
review.blissroms.org / platform_system_core_old / d35f9b00e50db3fa8125a53aaaab42c7fb7fbd94
commitd35f9b00e50db3fa8125a53aaaab42c7fb7fbd94[log] [tgz]
authorNick Kralevich <nnk@google.com>Wed Feb 24 15:50:52 2016 -0800
committerNick Kralevich <nnk@google.com>Wed Feb 24 15:50:52 2016 -0800
treeb9a7cb3cb0f5f442a3e597459dcd069a472ea870
parente8c9c746418fa1389b555168e4b7653f0b662508 [diff]
init: harden socket creation against symlinks

Instead of using chown, use the symlink safe lchown.

Instead of using chmod, use the symlink safe fchmodat
with AT_SYMLINK_NOFOLLOW.

Fix a bug where the SELinux filesystem creation context may
not be restored, and some memory not freed, if bind() fails.

Check the return values from the chown/chmod calls and unlink
the files if it ever fails.

Bug: 27337831
Change-Id: I3343786f5a4eefda7bbb8317f2eca16bd21003c0
1 file changed
tree: b9a7cb3cb0f5f442a3e597459dcd069a472ea870
  1. adb/
  2. adf/
  3. base/
  4. bootstat/
  5. cpio/
  6. crash_reporter/
  7. debuggerd/
  8. fastboot/
  9. fingerprintd/
  10. fs_mgr/
  11. gatekeeperd/
  12. healthd/
  13. include/
  14. init/
  15. libbacktrace/
  16. libbinderwrapper/
  17. libcutils/
  18. libdiskconfig/
  19. libion/
  20. liblog/
  21. libmemtrack/
  22. libmincrypt/
  23. libnativebridge/
  24. libnativeloader/
  25. libnetutils/
  26. libpackagelistparser/
  27. libpixelflinger/
  28. libprocessgroup/
  29. libsparse/
  30. libsuspend/
  31. libsync/
  32. libsysutils/
  33. libusbhost/
  34. libutils/
  35. libziparchive/
  36. lmkd/
  37. logcat/
  38. logd/
  39. logwrapper/
  40. metricsd/
  41. mkbootimg/
  42. reboot/
  43. rootdir/
  44. run-as/
  45. sdcard/
  46. toolbox/
  47. trusty/
  48. tzdatacheck/
  49. .gitignore
  50. Android.mk
  51. CleanSpec.mk
  52. MODULE_LICENSE_APACHE2
  53. NOTICE