-
Notifications
You must be signed in to change notification settings - Fork 323
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update README #36
Open
shadiberck
wants to merge
76
commits into
ChainsDD:legacy
Choose a base branch
from
shadiberck:patch-1
base: legacy
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Update README #36
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Change-Id: Ic1d1a0eccf7fae96243c19bf8abc207b5b991200
Possible db fix
The patches I've sent early
supplementary groups have been dropped already at this time (introduced by commit 00f1bb5)
Previous code created a file object with two steps: the creation itself with default umask/mode and setting necessary permissions then. This approach is known to lead to a race condition when malicious process can open an object before permissions is set. The patch sets creation mask (mask) to 027, thus denying any access from others. Also, the patch removes all dead code which is not needed after changes mentioned.
Fix potential security flaw in creation of sockets/directories
supplementary groups have been dropped already at this time (introduced by commit 00f1bb5)
So user could distinguish between SIGHUP and other abnormal terminations at least
Thus, someone may invoke su as su -s shell uid args... For example, su -s /system/xbin/busybox root mount -o rw,remount /system
property_get() iterates over potentially unbound array of properties. There is no good for calling it several times per su invocation.
…ss image" This reverts commit e0329ce.
Fixes a bug reported in a comment to the issue ChainsDD#9 against su-binary (see ChainsDD#9 (comment) for details). Thanks to Erik Pilsits ([email protected]) for the report. Add the euid change before populate_environment() anticipating we have to merge the commit "Inherit LD_LIBRARY_PATH ...", which needs root credentials in order to successfully open /proc/<ppid>/environ.
This commit is by koush and is mostly copied from the CyanogenMod fork of su. By using am instead of a binder transaction, we can guarantee compatibility with current and future versions of Android.
With so many different versions of Android, using a dynamically linked binary is just not practical, since things can be wildly different on different versions.
This reverts commit ff77b49.
This reverts commit ec37525.
This reverts commit 588c414.
This reverts commit 15ea355.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.