am fb69c2e2: Merge "init.rc: setup qtaguid group ownership of ctrl and stat files" * commit 'fb69c2e2577e056bb7a054343a9f6d781cedbf3d': init.rc: setup qtaguid group ownership of ctrl and stat files

commit: ba900f2e708f0b654cdaa827804cbb21af4e4fb4 [log] [tgz]
author: JP Abgrall <jpa@google.com> Fri Jan 04 18:08:24 2013 -0800
committer: Android Git Automerger <android-git-automerger@android.com> Fri Jan 04 18:08:24 2013 -0800
tree: 171d3013ce1a539688148e44d9852672404ffe87
parent: 3f8d6cded84bd526f7e648905565a1d262ca9906 [diff]
parent: fb69c2e2577e056bb7a054343a9f6d781cedbf3d [diff]
diff --git a/rootdir/init.rc b/rootdir/init.rc
index 1a671f5..871a1f7 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc

@@ -120,6 +120,12 @@
     write /dev/cpuctl/apps/bg_non_interactive/cpu.rt_runtime_us 700000
     write /dev/cpuctl/apps/bg_non_interactive/cpu.rt_period_us 1000000
 
+# qtaguid will limit access to specific data based on group memberships.
+#   net_bw_acct grants impersonation of socket owners.
+#   net_bw_stats grants access to other apps' detailed tagged-socket stats.
+    chown root net_bw_acct /proc/net/xt_qtaguid/ctrl
+    chown root net_bw_stats /proc/net/xt_qtaguid/stats
+
 # Allow everybody to read the xt_qtaguid resource tracking misc dev.
 # This is needed by any process that uses socket tagging.
     chmod 0644 /dev/xt_qtaguid
commit	ba900f2e708f0b654cdaa827804cbb21af4e4fb4	[log] [tgz]
author	JP Abgrall <jpa@google.com>	Fri Jan 04 18:08:24 2013 -0800
committer	Android Git Automerger <android-git-automerger@android.com>	Fri Jan 04 18:08:24 2013 -0800
tree	171d3013ce1a539688148e44d9852672404ffe87
parent	3f8d6cded84bd526f7e648905565a1d262ca9906 [diff]
parent	fb69c2e2577e056bb7a054343a9f6d781cedbf3d [diff]