git.osdn.net Git - android-x86/system-netd.git/commit

(root) / android-x86 / system-netd.git / commit

author	Nick Kralevich <nnk@google.com>
	Thu, 20 Jun 2013 00:20:24 +0000 (17:20 -0700)
committer	Nick Kralevich <nnk@google.com>
	Thu, 20 Jun 2013 00:23:14 +0000 (17:23 -0700)
commit	ab3df62f7b5584af6dee4f5ec069b70dd4f4cee6
tree	5677af11080496520b9780db6b469eedc41f7b5d	tree \| snapshot
parent	3911886e854d31058e7d3a6e310e8eafd06c02e0	commit \| diff

netd: reduce privileges

netd doesn't need full root capabilities. Rather, it only needs
CAP_NET_ADMIN and CAP_NET_RAW. Reduce the capabilities to that
set.

netd continues to run with UID=0, which allows applications spawned
by netd to continue to have CAP_NET_ADMIN and CAP_NET_RAW. It also
allows netd to access /proc and /sys files as UID=0.

Change-Id: I439d22150109697213c0cc83276ddb668007b978

main.cpp

diff | blob | history

system/netd

RSS Atom

About OSDN

Find Software

Develop Software

Help