$USER and $LOGNAME along with $HOME were just plain wrong (leading to a
misleading interactive prompt), and it probably makes sense to reset the
variables that su would reset.
Bug: https://code.google.com/p/android/issues/detail?id=187438
Change-Id: I0404511453d371f36801f0212a8d72d93f0bc8ac
1. Calculate AID for spawned process as (100000 * $user) + uid_from_packages.list
2. Use /data/user/$user/$packageDir as a root of a new process if $user != 0.
Change-Id: I761dfb481114bd51e5a950307fcaf403e96eef10
(cherry picked from commit da31778f3b)
- do not assume that caller has granted effective bits in capabilities
- only elevate capabilities when needed
- suppress capabilities before exec when called as shell,shell,shell
- some Android coding standard cleanup
Bug: 19908228
Change-Id: Ibe3d1c1a0fdcb54c41d7a72395e50ad749df98ce
In Android 4.3 the run-as binary no longer has the SUID/SGID bits
set. Instead, it requires to be installed with setuid and setgid
file-based capabilities. As a result of the above two changes, the
binary no longer executes as root when invoked by the "shell" user
but can still change its UID/GID to that of the target package.
Unfortunately, run-as attempts to chdir into the target package's
data directory before changing its effective UID/GID. As a result,
when run-as is invoked by the "shell" user, the chdir operation
fails.
The fix is for run-as to chdir after changing the effective UID/GID
to those of the target package.
Bug: 10154652
(cherry picked from commit f2904a7b63)
Change-Id: I0f6cb9efd49f5c2c491f7aa1d614d700a5ec2304
Change allows the proper seinfo value to be passed
to libselinux to switch to the proper app security
context before running the shell.
Change-Id: I9d7ea47c920b1bc09a19008345ed7fd0aa426e87
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
Before invoking the specified command or a shell, set the
SELinux security context.
Change-Id: Ifc7f91aed9d298290b95d771484b322ed7a4c594
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Typical usage is 'run-as <package-name> <command>' to run <command>
in the data directory, and the user id, of <package-name> if, and only
if <package-name> is the name of an installed and debuggable application.
This relies on the /data/system/packages.list file generated by the
PackageManager service.
BEWARE: This is intended to be available on production devices !
