commit | 5b07c2d25292a742cda5ebb0b67248a19279b9e6 | [log] [tgz] |
---|---|---|
author | Daniel Mentz <danielmentz@google.com> | Thu Jul 06 18:13:08 2017 -0700 |
committer | Daniel Mentz <danielmentz@google.com> | Fri Jul 21 11:10:17 2017 -0700 |
tree | d1ee1bfe4c2089089e2fa825e30a4aaed9878456 | |
parent | 14accea70e449e15fb474c077658600e5f79f635 [diff] |
Revert "ANDROID: proc: smaps: Allow smaps access for CAP_SYS_RESOURCE" This reverts commit ff8b80819cf4d76ff7fdfeb85d35f28f916105bd. This fixes CVE-2017-0710. SELinux allows more fine grained control: We grant processes that need access to smaps CAP_SYS_PTRACE but prohibit them from using ptrace attach(). Bug: 34951864 Bug: 36468447 Change-Id: I00a513188245a30bc63dcbdafbb9746bc6d9d6ff Signed-off-by: Daniel Mentz <danielmentz@google.com>