GoogleGit

commit9907ca3cb8982063a846426ad3bdf3f90e3b87c2[log][tgz]
authorNick Kralevich <nnk@google.com>Wed Feb 27 15:39:41 2013 -0800
committerNick Kralevich <nnk@google.com>Thu Feb 28 13:14:48 2013 -0800
tree8ce9773345921d01b417db985961a82d49ab4ff1
parent64d4c47f1869c5f655f9a1bbdc57ad977b76f817[diff]
Zygote: remount /system nosuid/nodev

Android no longer has any setuid / setgid programs accessible
to zygote. Make sure /system is remounted nosuid and nodev
for zygote spawned processes.

We use mount namespaces to make sure these changes are
only visible to zygote spawned processes. We continue to need
/system mounted with suid to support /system/bin/run-as.
See also: b/8253345

Change-Id: Ib58a8d56b42e4b022b6b4e51932f0a415298c920
1 file changed
tree: 8ce9773345921d01b417db985961a82d49ab4ff1
  1. Android.mk
  2. CleanSpec.mk
  3. MODULE_LICENSE_APACHE2
  4. NOTICE
  5. README.txt
  6. dalvikvm/
  7. dexdump/
  8. dexgen/
  9. dexlist/
  10. dexopt/
  11. docs/
  12. dx/
  13. hit/
  14. libdex/
  15. opcode-gen/
  16. tests/
  17. tools/
  18. unit-tests/
  19. vm/