Use proprety_socket_for_system if permissions allow
Bug: 262237198
Test: Run POC in one shell, set properties as root and system in another
Ignore-AOSP-First: Security fix
Change-Id: Iff578767398e35f62563ba0b11c0cf191bf1eaa0
diff --git a/libc/bionic/system_property_set.cpp b/libc/bionic/system_property_set.cpp
index 212aafc..bde0c10 100644
--- a/libc/bionic/system_property_set.cpp
+++ b/libc/bionic/system_property_set.cpp
@@ -49,6 +49,8 @@
#include "private/ScopedFd.h"
static const char property_service_socket[] = "/dev/socket/" PROP_SERVICE_NAME;
+static const char property_service_for_system_socket[] =
+ "/dev/socket/" PROP_SERVICE_FOR_SYSTEM_NAME;
static const char* kServiceVersionPropertyName = "ro.property_service.version";
class PropertyServiceConnection {
@@ -60,10 +62,13 @@
return;
}
- const size_t namelen = strlen(property_service_socket);
+ const char* socket = access(property_service_for_system_socket, W_OK) == 0
+ ? property_service_for_system_socket
+ : property_service_socket;
+ const size_t namelen = strlen(socket);
sockaddr_un addr;
memset(&addr, 0, sizeof(addr));
- strlcpy(addr.sun_path, property_service_socket, sizeof(addr.sun_path));
+ strlcpy(addr.sun_path, socket, sizeof(addr.sun_path));
addr.sun_family = AF_LOCAL;
socklen_t alen = namelen + offsetof(sockaddr_un, sun_path) + 1;