Revert "libbinder: require shell/root UID for shell"
This reverts commit f0f97d362a7ca644ac41542a12cc674e090135d3.
Reason for revert: as requested by frameworks team: implementations of
shell command should check permissions and calls to binder
interfaces are already guarded by SELinux.
Bug: N/A
Test: N/A
Change-Id: I0f4181bb7f9fdb252644cbbcbcd099696ce150be
diff --git a/libs/binder/Binder.cpp b/libs/binder/Binder.cpp
index 7324cf5..96ee295 100644
--- a/libs/binder/Binder.cpp
+++ b/libs/binder/Binder.cpp
@@ -17,15 +17,12 @@
#include <binder/Binder.h>
#include <atomic>
+#include <utils/misc.h>
#include <binder/BpBinder.h>
#include <binder/IInterface.h>
-#include <binder/IPCThreadState.h>
#include <binder/IResultReceiver.h>
#include <binder/IShellCallback.h>
#include <binder/Parcel.h>
-#include <cutils/android_filesystem_config.h>
-#include <cutils/compiler.h>
-#include <utils/misc.h>
#include <stdio.h>
@@ -128,19 +125,6 @@
{
data.setDataPosition(0);
- // Shell command transaction is conventionally implemented by
- // overriding onTransact by copy/pasting the parceling code from
- // this file. So, we must check permissions for it before we call
- // onTransact. This check is here because shell APIs aren't
- // guaranteed to be stable, and so they should only be used by
- // developers.
- if (CC_UNLIKELY(code == SHELL_COMMAND_TRANSACTION)) {
- uid_t uid = IPCThreadState::self()->getCallingUid();
- if (uid != AID_SHELL && uid != AID_ROOT) {
- return PERMISSION_DENIED;
- }
- }
-
status_t err = NO_ERROR;
switch (code) {
case PING_TRANSACTION: