fs_config.c: make *.prop files 0600 Enforce that the only API for reading properties is through the property server, not by reading the (system|vendor|rootfs) *.prop files. Test: Device boots and no property errors. Change-Id: Ibb6ed4e74a80cac00010c707d7574f8e92fc6448

commit: f27b8cb8846568933a3a635af93bbdb63c1304b8 [log] [tgz]
author: Nick Kralevich <nnk@google.com> Fri Dec 16 14:52:35 2016 -0800
committer: Nick Kralevich <nnk@google.com> Fri Dec 16 14:54:02 2016 -0800
tree: 93a77bb092e8c8acfbc6ea64ab05a3269d820aa0
parent: c9bc62819d389eca8e1d4659cb96c849dd778257 [diff]
diff --git a/libcutils/fs_config.c b/libcutils/fs_config.c
index 032e361..6155d16 100644
--- a/libcutils/fs_config.c
+++ b/libcutils/fs_config.c

@@ -188,6 +188,9 @@
     { 00750, AID_ROOT,      AID_SHELL,     0, "init*" },
     { 00750, AID_ROOT,      AID_SHELL,     0, "sbin/fs_mgr" },
     { 00640, AID_ROOT,      AID_SHELL,     0, "fstab.*" },
+    { 00600, AID_ROOT,      AID_ROOT,      0, "system/build.prop" },
+    { 00600, AID_ROOT,      AID_ROOT,      0, "vendor/build.prop" },
+    { 00600, AID_ROOT,      AID_ROOT,      0, "default.prop" },
     { 00644, AID_ROOT,      AID_ROOT,      0, 0 },
 };
commit	f27b8cb8846568933a3a635af93bbdb63c1304b8	[log] [tgz]
author	Nick Kralevich <nnk@google.com>	Fri Dec 16 14:52:35 2016 -0800
committer	Nick Kralevich <nnk@google.com>	Fri Dec 16 14:54:02 2016 -0800
tree	93a77bb092e8c8acfbc6ea64ab05a3269d820aa0
parent	c9bc62819d389eca8e1d4659cb96c849dd778257 [diff]