These paths previously had 0755 permission bits (/mnt/installer got its bits from the /mnt/user bind mount). With such permissive bits, an unauthorized app can access a file using the /mnt/installer path for instance even if access via /storage would have been restricted. In init.rc we create /mnt/user with 0755 initially, this is to keep /sdcard working without FUSE. When mounting a FUSE filesystem, we enusure in vold that /mnt/user is changed to 0700 Bug: 135341433 Test: adb shell ls -d /mnt/{user, installer} Change-Id: Id387e34c5fd257858861246ad51486892653fb3agugelfrei
parent
e3d2051668
commit
1242be866c
Loading…
Reference in new issue