commit | 89e379e9a94ddcfc5f47a299c89f9a931d73e41c | [log] [tgz] |
---|---|---|
author | Jeff Vander Stoep <jeffv@google.com> | Tue Jan 05 07:42:16 2016 -0800 |
committer | Jeffrey Vander Stoep <jeffv@google.com> | Tue Jan 05 16:15:54 2016 +0000 |
tree | bb342f18ffeb20e24ba526ae0d3e557e3826e0a4 | |
parent | e97bd887ca353ae02dd1641687431786d7d60cd6 [diff] |
shell: Reduce socket ioctl perms Only allow shell to access the same subset of ioctl commands as untrusted_app. This reduces the attack surface of the kernel available to a local attacker. Bug: 26324307 Bug: 26267358 Change-Id: Ib8ecb9546af5fb480d2622149d4e00ec50cd4cde