Google Git
Sign in
android / platform / dalvik / 2d37f9a1eb7f5375e8cad9ccb59d96d650d18f6e
commit2d37f9a1eb7f5375e8cad9ccb59d96d650d18f6e[log] [tgz]
authorNick Kralevich <nnk@google.com>Mon Feb 25 12:13:27 2013 -0800
committerNick Kralevich <nnk@google.com>Mon Feb 25 15:34:32 2013 -0800
treef60d1acc589b553b136a58be0ca00acaa8b8a19f
parent480936ff88963b8af86a770cac314a6956dfbfe0 [diff]
Zygote: remount /system nosuid/nodev

Android no longer has any setuid / setgid programs accessible
to zygote. Make sure /system is remounted nosuid and nodev
for zygote spawned processes.

We use mount namespaces to make sure these changes are
only visible to zygote spawned processes. We continue to need
/system mounted with suid to support /system/bin/run-as.
See also: b/8253345

Change-Id: I959512520461f22d1fd88c12a2785a362639f7ed
1 file changed
tree: f60d1acc589b553b136a58be0ca00acaa8b8a19f
  1. dalvikvm/
  2. dexdump/
  3. dexgen/
  4. dexlist/
  5. dexopt/
  6. docs/
  7. dx/
  8. hit/
  9. libdex/
  10. opcode-gen/
  11. tests/
  12. tools/
  13. unit-tests/
  14. vm/
  15. Android.mk
  16. CleanSpec.mk
  17. MODULE_LICENSE_APACHE2
  18. NOTICE
  19. README.txt