Zygote: limit the bounding capability set to CAP_NET_RAW
Prevent a zygote spawned application from acquiring
capabilities other than CAP_NET_RAW. The only Zygote
accessible program on Android which grants capabilities
is /system/bin/ping (CAP_NET_RAW), so we don't need to
keep the other capabilities in our bounding set.
If the kernel doesn't support file capabilities, we
end up printing approx 30 lines of warning messages. Hopefully
this will encourage kernel developers to upgrade. In a future
change, we can turn a prctl(PR_CAPBSET_DROP) failure into
a fatal error.
Change-Id: I8560fa5ad125bf31f0d13be513431697bc7d22bb
1 file changed
