simplify clatd permission dropping logic
There's no danger here, because we drop privileges
before we start processing packets.
This should also make clatd fully functional on 4.9-q
kernels that still have the Paranoid Android patchset
(by creating all sockets prior to dropping netd's
uid and capabilities).
Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I14cab836907be8bbedc0812cec277808e9f3f91f
diff --git a/clatd.c b/clatd.c
index bd2bf62..7ec3454 100644
--- a/clatd.c
+++ b/clatd.c
@@ -155,18 +155,16 @@
}
}
-/* function: drop_root_but_keep_caps
- * drops root privs but keeps the needed capabilities
+/* function: drop_root_and_caps
+ * drops root privs and all capabilities
*/
-void drop_root_but_keep_caps() {
+void drop_root_and_caps() {
// see man setgroups: this drops all supplementary groups
if (setgroups(0, NULL) < 0) {
logmsg(ANDROID_LOG_FATAL, "setgroups failed: %s", strerror(errno));
exit(1);
}
- prctl(PR_SET_KEEPCAPS, 1);
-
if (setresgid(AID_CLAT, AID_CLAT, AID_CLAT) < 0) {
logmsg(ANDROID_LOG_FATAL, "setresgid failed: %s", strerror(errno));
exit(1);
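Review bot: The rewritten header comment says what drop_root_and_caps does but not the ordering the rest of the daemon now depends on: with `prctl(PR_SET_KEEPCAPS, 1)` removed, changing all three uids away from 0 (setresgid here, and presumably the setresuid call in the lines between the two hunks) makes the kernel clear the permitted and effective capability sets, so every socket that needs CAP_NET_RAW or CAP_NET_ADMIN must already be open when this function is entered — the commit message states that, the code does not. I would extend the comment with `* Must be called only after all privileged sockets have been created: once it returns the process has no capabilities left and cannot open raw sockets.` so the precondition survives the next refactor of the call site. As a point of style, `void drop_root_and_caps() {` declares an unprototyped function; `void drop_root_and_caps(void) {` gives callers a checked signature. The function body continues past this hunk, where `set_capability(0)` becomes a second, harmless clearing of sets the uid change has already emptied.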
@@ -176,8 +174,7 @@
exit(1);
}
- // keep CAP_NET_RAW capability to open raw socket.
- set_capability((1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW));
+ set_capability(0);
}
/* function: open_sockets