OSDN Git Service

(root) / android-x86 / external-koush-Superuser.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 026a344) | patch
su: Fix verification fails when the client isn't setuid
authorRicardo Cerqueira <ricardo@cyngn.com>
Thu, 11 Dec 2014 19:40:46 +0000 (19:40 +0000)
committerRicardo Cerqueira <ricardo@cyngn.com>
Thu, 11 Dec 2014 19:40:46 +0000 (19:40 +0000)
commitc2ec204be3cea88296fe320636094858b82fc057
tree170bed66769a60042ede3609ebfa72bff3ff6e39tree | snapshot
parent026a344755dd8c4ae243e1474f79593baf849553commit | diff
su: Fix verification fails when the client isn't setuid

Don't take an uid-0 caller as a trust guarantee. Trust only values
that are delivered by a remote that's the same as ourselves (su-as-client
talking to su-as-daemon) and use PEERCRED to assert the remote UID and PID
on any other case.
This fixes credential validation when the client isn't always running with
root privileges via setuid

Change-Id: Iad8fc271d9c6aae7f6654af2ef9db638f2165af1
Superuser/jni/su/daemon.c diff | blob | history
external/koush/Superuser
About OSDN
Find Software
Develop Software
Help