From ab46a4922655bc75848660da4268ab85d72a6010 Mon Sep 17 00:00:00 2001 From: Nick Kralevich Date: Sat, 7 Nov 2015 17:05:41 -0800 Subject: Allow read access to /proc entries for other UIDs Allow dumpstate (aka adb bugreport), servicemanager, and surfaceflinger to access /proc entries associated with other UIDs. Bug: 23310674 Change-Id: I385dcf0db3376ba979409cbe6fe1a468d36237ef --- cmds/dumpstate/dumpstate.c | 2 +- cmds/servicemanager/servicemanager.rc | 2 +- services/surfaceflinger/surfaceflinger.rc | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/cmds/dumpstate/dumpstate.c b/cmds/dumpstate/dumpstate.c index 0a393fd91..bbce3c2ac 100644 --- a/cmds/dumpstate/dumpstate.c +++ b/cmds/dumpstate/dumpstate.c @@ -694,7 +694,7 @@ int main(int argc, char *argv[]) { /* switch to non-root user and group */ gid_t groups[] = { AID_LOG, AID_SDCARD_R, AID_SDCARD_RW, - AID_MOUNT, AID_INET, AID_NET_BW_STATS }; + AID_MOUNT, AID_INET, AID_NET_BW_STATS, AID_READPROC }; if (setgroups(sizeof(groups)/sizeof(groups[0]), groups) != 0) { ALOGE("Unable to setgroups, aborting: %s\n", strerror(errno)); return -1; diff --git a/cmds/servicemanager/servicemanager.rc b/cmds/servicemanager/servicemanager.rc index e73516dbb..b70fda7ee 100644 --- a/cmds/servicemanager/servicemanager.rc +++ b/cmds/servicemanager/servicemanager.rc @@ -1,7 +1,7 @@ service servicemanager /system/bin/servicemanager class core user system - group system + group system readproc critical onrestart restart healthd onrestart restart zygote diff --git a/services/surfaceflinger/surfaceflinger.rc b/services/surfaceflinger/surfaceflinger.rc index 59a43e219..eb9bd25a6 100644 --- a/services/surfaceflinger/surfaceflinger.rc +++ b/services/surfaceflinger/surfaceflinger.rc @@ -1,6 +1,6 @@ service surfaceflinger /system/bin/surfaceflinger class core user system - group graphics drmrpc + group graphics drmrpc readproc onrestart restart zygote writepid /dev/cpuset/system-background/tasks -- cgit v1.2.3-54-g00ecf