logd: clear DUMPABLE

Do not allow anyone to see logd memory. Test: gTest logd-unit-tests, liblog-unit-tests and logcat-unit-tests Bug: 32450474 Change-Id: Ic7377efcb7e1d3cd91b50741061037a0fb589045
author: Mark Salyzyn <salyzyn@google.com> 2016-10-28 14:49:53 -0700
committer: Mark Salyzyn <salyzyn@google.com> 2016-11-03 11:20:59 -0700
commit: 6a70ded7bfa8914aaa3dc25630ff2713ae893f80 (patch)
tree: 65f3567908e1bc7388b91f1f76d0e2da856ca11b /logd/main.cpp
parent: 3a724a8f5d7876b97e4e7f39a0cfc2f0fdc87fd3 (diff)
download: system_core-6a70ded7bfa8914aaa3dc25630ff2713ae893f80.tar.gz
system_core-6a70ded7bfa8914aaa3dc25630ff2713ae893f80.tar.bz2
system_core-6a70ded7bfa8914aaa3dc25630ff2713ae893f80.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/logd/main.cpp b/logd/main.cpp
index 0cb26dcb1..1ac1415ed 100644
--- a/logd/main.cpp
+++ b/logd/main.cpp
@@ -106,6 +106,11 @@ static int drop_privs() {
         return -1;
     }
 
+    if (prctl(PR_SET_DUMPABLE, 0) < 0) {
+        android::prdebug("failed to clear PR_SET_DUMPABLE");
+        return -1;
+    }
+
     gid_t groups[] = { AID_READPROC };
     ScopedMinijail j(minijail_new());
     minijail_set_supplementary_gids(j.get(), arraysize(groups), groups);
author	Mark Salyzyn <salyzyn@google.com>	2016-10-28 14:49:53 -0700
committer	Mark Salyzyn <salyzyn@google.com>	2016-11-03 11:20:59 -0700
commit	6a70ded7bfa8914aaa3dc25630ff2713ae893f80 (patch)
tree	65f3567908e1bc7388b91f1f76d0e2da856ca11b /logd/main.cpp
parent	3a724a8f5d7876b97e4e7f39a0cfc2f0fdc87fd3 (diff)
download	system_core-6a70ded7bfa8914aaa3dc25630ff2713ae893f80.tar.gz system_core-6a70ded7bfa8914aaa3dc25630ff2713ae893f80.tar.bz2 system_core-6a70ded7bfa8914aaa3dc25630ff2713ae893f80.zip