Merge "Make sure a deleted VM stays deleted"

commit: fc9f60fd83194417d38044b166f29f813f69b1c6 [log] [tgz]
author: Treehugger Robot <treehugger-gerrit@google.com> Tue Jan 03 13:51:42 2023 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Tue Jan 03 13:51:42 2023 +0000
tree: 476fc06d3e9c58789b2c5480af5443872687f5f4
parent: 3253d200962db3c3ec8de3522c5afeb4bebb08d4 [diff]
parent: 40dd5b2725cfa57625afde08d4ef2e936d95e6b4 [diff]
diff --git a/compos/apex/composd.rc b/compos/apex/composd.rc
index 3e2efb1..df04642 100644
--- a/compos/apex/composd.rc
+++ b/compos/apex/composd.rc

@@ -19,3 +19,10 @@
     interface aidl android.system.composd
     disabled
     oneshot
+    # Explicitly specify empty capabilities, otherwise composd will inherit all
+    # the capabilities from init.
+    # Note: whether a process can use capabilities is controlled by SELinux, so
+    # inheriting all the capabilities from init is not a security issue.
+    # However, for defense-in-depth and just for the sake of bookkeeping it's
+    # better to explicitly state that composd doesn't need any capabilities.
+    capabilities
commit	fc9f60fd83194417d38044b166f29f813f69b1c6	[log] [tgz]
author	Treehugger Robot <treehugger-gerrit@google.com>	Tue Jan 03 13:51:42 2023 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Tue Jan 03 13:51:42 2023 +0000
tree	476fc06d3e9c58789b2c5480af5443872687f5f4
parent	3253d200962db3c3ec8de3522c5afeb4bebb08d4 [diff]
parent	40dd5b2725cfa57625afde08d4ef2e936d95e6b4 [diff]