Merge "Remove write permission from file mode of top-level user dirs" am: c73150307a am: 55593258ac

Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2617599 Change-Id: I81dbb99fb7641e27cfb49c97525e045bf5968692 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-20 18:35:50 +00:00 · 2023-06-20 18:35:50 +00:00 · 0f7c1825b1
commit 0f7c1825b1
parent 8e38d39179 55593258ac
1 changed files with 5 additions and 5 deletions
--- a/model/PrivateVolume.cpp
+++ b/model/PrivateVolume.cpp
@ -171,11 +171,11 @@ status_t PrivateVolume::doMount() {

    // Verify that common directories are ready to roll
    if (PrepareDir(mPath + "/app", 0771, AID_SYSTEM, AID_SYSTEM) ||
-        PrepareDir(mPath + "/user", 0711, AID_SYSTEM, AID_SYSTEM) ||
-        PrepareDir(mPath + "/user_de", 0711, AID_SYSTEM, AID_SYSTEM) ||
-        PrepareDir(mPath + "/misc_ce", 0711, AID_SYSTEM, AID_SYSTEM) ||
-        PrepareDir(mPath + "/misc_de", 0711, AID_SYSTEM, AID_SYSTEM) ||
-        PrepareDir(mPath + "/media", 0770, AID_MEDIA_RW, AID_MEDIA_RW, attrs) ||
+        PrepareDir(mPath + "/user", 0511, AID_SYSTEM, AID_SYSTEM) ||
+        PrepareDir(mPath + "/user_de", 0511, AID_SYSTEM, AID_SYSTEM) ||
+        PrepareDir(mPath + "/misc_ce", 0511, AID_SYSTEM, AID_SYSTEM) ||
+        PrepareDir(mPath + "/misc_de", 0511, AID_SYSTEM, AID_SYSTEM) ||
+        PrepareDir(mPath + "/media", 0550, AID_MEDIA_RW, AID_MEDIA_RW, attrs) ||
        PrepareDir(mPath + "/media/0", 0770, AID_MEDIA_RW, AID_MEDIA_RW) ||
        PrepareDir(mPath + "/local", 0751, AID_ROOT, AID_ROOT) ||
        PrepareDir(mPath + "/local/tmp", 0771, AID_SHELL, AID_SHELL)) {