Certain apps decide that they want to chmod() their private data
directories to gain more security. We still want to carefully
enforce owner UID/GID, but relax the mode check for now.
Bug: 26549892
Change-Id: I362d530ba0b20fb23f427ac082ee003864adc57d
Some callers, such as installd, have stricter requirements around
directory preparation, where they want to assert ownership and mode
without quietly fixing the values.
Bug: 26466827
Change-Id: Id44db5f29a3326cfe178b443fb450ad2edeaefd8
Don't follow symlinks. Suggestion from Jann Horn.
Also, add O_CLOEXEC. This prevents file descriptor leakage should
this code ever run in a multithreaded environment.
I'm not sure if either of these changes actually address any
security concerns, but it's harmless, so go ahead and add it.
Bug: 15675141
Change-Id: I7ba4e9d10439b7150f59759b54e3ad8ccba411e3
Before this change, FUSE lookup() would have the side effect of
creating the directory on behalf of apps. This resulted in most
directories being created just by Settings trying to measure disk
space. Instead, we're switching to have vold do directory creation
when an app doesn't have enough permissions.
Create fs_mkdirs() utility to create all parent directories in a
path as needed. Allow traversal (+x) into /storage directories.
Fix FUSE derived permissions to be case insensitive. Mark well-known
directories as .nomedia when created.
Bug: 10577808, 10330221
Change-Id: I53114f2e63ffbe6de4ba6a72d94a232523231cad
system/core/libcutils/fs.c: In function 'fs_write_atomic_int':
system/core/libcutils/fs.c:109:5: warning: implicit declaration of function 'mkstemp' [-Wimplicit-function-declaration]
Change-Id: I337ecb818f85e20b058f782df45987acf2e9d6c1
When two zygotes are starting, they both may try creating a mount
point after checking lstat(). The second mkdir() will result in
EEXIST, which is okay to ignore.
Bug: 7165469
Change-Id: If4411e2621f773c74cd05247899982fa5ebdd020