Merge "Remove write permission from file mode of top-level user dirs" am: c73150307a am: 55593258ac am: 0f7c1825b1 am: 4801c65d8e am: d1cf82849a
Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2617599
Change-Id: I3f84115327e9508b3bf4f1d9356d0493e0059666
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/model/PrivateVolume.cpp b/model/PrivateVolume.cpp
index a692ea9..55b8d0b 100644
--- a/model/PrivateVolume.cpp
+++ b/model/PrivateVolume.cpp
@@ -171,11 +171,11 @@
// Verify that common directories are ready to roll
if (PrepareDir(mPath + "/app", 0771, AID_SYSTEM, AID_SYSTEM) ||
- PrepareDir(mPath + "/user", 0711, AID_SYSTEM, AID_SYSTEM) ||
- PrepareDir(mPath + "/user_de", 0711, AID_SYSTEM, AID_SYSTEM) ||
- PrepareDir(mPath + "/misc_ce", 0711, AID_SYSTEM, AID_SYSTEM) ||
- PrepareDir(mPath + "/misc_de", 0711, AID_SYSTEM, AID_SYSTEM) ||
- PrepareDir(mPath + "/media", 0770, AID_MEDIA_RW, AID_MEDIA_RW, attrs) ||
+ PrepareDir(mPath + "/user", 0511, AID_SYSTEM, AID_SYSTEM) ||
+ PrepareDir(mPath + "/user_de", 0511, AID_SYSTEM, AID_SYSTEM) ||
+ PrepareDir(mPath + "/misc_ce", 0511, AID_SYSTEM, AID_SYSTEM) ||
+ PrepareDir(mPath + "/misc_de", 0511, AID_SYSTEM, AID_SYSTEM) ||
+ PrepareDir(mPath + "/media", 0550, AID_MEDIA_RW, AID_MEDIA_RW, attrs) ||
PrepareDir(mPath + "/media/0", 0770, AID_MEDIA_RW, AID_MEDIA_RW) ||
PrepareDir(mPath + "/local", 0751, AID_ROOT, AID_ROOT) ||
PrepareDir(mPath + "/local/tmp", 0771, AID_SHELL, AID_SHELL)) {