Merge "Remove write permission from file mode of top-level user dirs" am: c73150307a
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2617599
Change-Id: I05ddef6a233b326b44d1de36c1a3aeecba1c7b67
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/model/PrivateVolume.cpp b/model/PrivateVolume.cpp
index a692ea9..55b8d0b 100644
--- a/model/PrivateVolume.cpp
+++ b/model/PrivateVolume.cpp
@@ -171,11 +171,11 @@
// Verify that common directories are ready to roll
if (PrepareDir(mPath + "/app", 0771, AID_SYSTEM, AID_SYSTEM) ||
- PrepareDir(mPath + "/user", 0711, AID_SYSTEM, AID_SYSTEM) ||
- PrepareDir(mPath + "/user_de", 0711, AID_SYSTEM, AID_SYSTEM) ||
- PrepareDir(mPath + "/misc_ce", 0711, AID_SYSTEM, AID_SYSTEM) ||
- PrepareDir(mPath + "/misc_de", 0711, AID_SYSTEM, AID_SYSTEM) ||
- PrepareDir(mPath + "/media", 0770, AID_MEDIA_RW, AID_MEDIA_RW, attrs) ||
+ PrepareDir(mPath + "/user", 0511, AID_SYSTEM, AID_SYSTEM) ||
+ PrepareDir(mPath + "/user_de", 0511, AID_SYSTEM, AID_SYSTEM) ||
+ PrepareDir(mPath + "/misc_ce", 0511, AID_SYSTEM, AID_SYSTEM) ||
+ PrepareDir(mPath + "/misc_de", 0511, AID_SYSTEM, AID_SYSTEM) ||
+ PrepareDir(mPath + "/media", 0550, AID_MEDIA_RW, AID_MEDIA_RW, attrs) ||
PrepareDir(mPath + "/media/0", 0770, AID_MEDIA_RW, AID_MEDIA_RW) ||
PrepareDir(mPath + "/local", 0751, AID_ROOT, AID_ROOT) ||
PrepareDir(mPath + "/local/tmp", 0771, AID_SHELL, AID_SHELL)) {