commit 7ece0a862cf97e85bbe69458a32a2bd165456874
author Nick Kralevich <nnk@google.com> Wed Jan 23 09:24:33 2013 -0800
committer Nick Kralevich <nnk@google.com> Wed Jan 23 09:30:17 2013 -0800
tree d1e56d84dea31d4a19e0d8b9afd47d0e6b97a0b1
parent 2840647b15fe91069aee02ce0e203943346bf294

property_service: make /dev/__properties__ readable

Currently, system properties are passed via the environment
variable ANDROID_PROPERTY_WORKSPACE and a file descriptor passed
from parent to child. This is insecure for setuid executables,
as the environment variable can be changed by the caller.

Make the /dev/__properties__ file accessible, so an app can
get properties directly from the file, rather than relying on
environment variables.

Preserve the environment variable for compatibility with pre-existing
apps.

Bug: 8045561
Change-Id: If81e2b705eca43ddd8b491871aceff59c0e00387

init/property_service.c

diff --git a/init/property_service.c b/init/property_service.c
index 61dd86f..5780001 100755
--- a/init/property_service.c
+++ b/init/property_service.c
@@ -123,7 +123,7 @@
         /* dev is a tmpfs that we can use to carve a shared workspace
          * out of, so let's do that...
          */
-    fd = open("/dev/__properties__", O_RDWR | O_CREAT | O_NOFOLLOW, 0600);
+    fd = open(PROP_FILENAME, O_RDWR | O_CREAT | O_NOFOLLOW, 0644);
     if (fd < 0)
         return -1;
 
@@ -136,12 +136,10 @@
 
     close(fd);
 
-    fd = open("/dev/__properties__", O_RDONLY | O_NOFOLLOW);
+    fd = open(PROP_FILENAME, O_RDONLY | O_NOFOLLOW);
     if (fd < 0)
         return -1;
 
-    unlink("/dev/__properties__");
-
     w->data = data;
     w->size = size;
     w->fd = fd;