Harden /mnt/pass_through paths
Even though /mnt/pass_through itself is 700 root root, the paths under
it are quite permissive. Now, change them from 755 to 710 root
media_rw since the FUSE daemon is the only one that should access it
and it has media_rw gid
Test: manual
Bug: 135341433
Change-Id: I743c014f2c0273c68a1cead7f4331b55a3abcb4e
diff --git a/Utils.cpp b/Utils.cpp
index 4720645..3915667 100644
--- a/Utils.cpp
+++ b/Utils.cpp
@@ -1062,13 +1062,13 @@
return -1;
}
- result = PrepareDir(pre_pass_through_path, 0755, AID_ROOT, AID_ROOT);
+ result = PrepareDir(pre_pass_through_path, 0710, AID_ROOT, AID_MEDIA_RW);
if (result != android::OK) {
PLOG(ERROR) << "Failed to prepare directory " << pre_pass_through_path;
return -1;
}
- result = PrepareDir(pass_through_path, 0755, AID_ROOT, AID_ROOT);
+ result = PrepareDir(pass_through_path, 0710, AID_ROOT, AID_MEDIA_RW);
if (result != android::OK) {
PLOG(ERROR) << "Failed to prepare directory " << pass_through_path;
return -1;
@@ -1085,7 +1085,7 @@
Symlink("/storage/emulated/" + std::to_string(user_id), linkpath);
std::string pass_through_linkpath(StringPrintf("/mnt/pass_through/%d/self", user_id));
- result = PrepareDir(pass_through_linkpath, 0755, AID_ROOT, AID_ROOT);
+ result = PrepareDir(pass_through_linkpath, 0710, AID_ROOT, AID_MEDIA_RW);
if (result != android::OK) {
PLOG(ERROR) << "Failed to prepare directory " << pass_through_linkpath;
return -1;