diff options
| author | Mark Salyzyn <salyzyn@google.com> | 2016-12-02 08:05:22 -0800 |
|---|---|---|
| committer | Mark Salyzyn <salyzyn@google.com> | 2016-12-05 11:26:39 -0800 |
| commit | 978fd0ea254f11f84e38b41a74bbe70c81edc197 (patch) | |
| tree | 9648713f103f13b660c368c56102ae8c1cba19c0 /init/service.cpp | |
| parent | e218fc673fcc0aa4a7291b4a2161d9427aa79aa3 (diff) | |
| download | core-978fd0ea254f11f84e38b41a74bbe70c81edc197.tar.gz core-978fd0ea254f11f84e38b41a74bbe70c81edc197.tar.bz2 core-978fd0ea254f11f84e38b41a74bbe70c81edc197.zip | |
init: service file command only opens existing files
Mixing open or create, along with attribute(MAC) and permissions(DAC)
is a security and confusion issue.
Fix an issue where fcntl F_SETFD was called to clear O_NONBLOCK, when
it should have been F_SETFL. Did not present a problem because the
current user of this feature does writes and control messages only.
Test: gTest logd-unit-tests and check dmesg for logd content.
Bug: 32450474
Bug: 33242020
Change-Id: I23cb9a9be5ddb7e8e9c58c79838bc07536e766e6
Diffstat (limited to 'init/service.cpp')
| -rw-r--r-- | init/service.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/init/service.cpp b/init/service.cpp index 4b9724ddf..a7eaf6650 100644 --- a/init/service.cpp +++ b/init/service.cpp @@ -526,7 +526,7 @@ Service::OptionParserMap::Map& Service::OptionParserMap::map() const { {"seclabel", {1, 1, &Service::ParseSeclabel}}, {"setenv", {2, 2, &Service::ParseSetenv}}, {"socket", {3, 6, &Service::ParseSocket}}, - {"file", {2, 6, &Service::ParseFile}}, + {"file", {2, 2, &Service::ParseFile}}, {"user", {1, 1, &Service::ParseUser}}, {"writepid", {1, kMax, &Service::ParseWritepid}}, }; |