AtaraxiaDev/divestos-build
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
divestos-build/Patches/Copperhead-13.0/android_system_core/2.patch
Tad c0083c1519 Initial commit, long overdue
2016-12-21 19:30:02 -05:00

27 lines
1.0 KiB
Diff
Raw Blame History

From 5eb07e6823e9e68e30f25e4d85466d9b1fccf48d Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Fri, 6 Feb 2015 11:46:34 -0500
Subject: [PATCH] tighten up mount permissions
---
init/init.cpp | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/init/init.cpp b/init/init.cpp
index 542c35e..c7275b1 100644
--- a/init/init.cpp
+++ b/init/init.cpp
@@ -1039,9 +1039,9 @@ int main(int argc, char** argv) {
mount("tmpfs", "/dev", "tmpfs", MS_NOSUID, "mode=0755");
mkdir("/dev/pts", 0755);
mkdir("/dev/socket", 0755);
- mount("devpts", "/dev/pts", "devpts", 0, NULL);
- mount("proc", "/proc", "proc", 0, NULL);
- mount("sysfs", "/sys", "sysfs", 0, NULL);
+ mount("devpts", "/dev/pts", "devpts", MS_NOSUID|MS_NOEXEC, NULL);
+ mount("proc", "/proc", "proc", MS_NOSUID|MS_NODEV|MS_NOEXEC, NULL);
+ mount("sysfs", "/sys", "sysfs", MS_NOSUID|MS_NODEV|MS_NOEXEC, NULL);
}
// We must have some place other than / to create the device nodes for
Reference in New Issue View Git Blame Copy Permalink