app_process: don't use PR_SET_NO_NEW_PRIVS.

selinux should provide equivalent protection, and this prevents transitioning to a helper binary for crash dumping. Bug: http://b/30705528 Change-Id: I64b05236931d418f268b193418e937ab6b0985e0
2017-01-03 13:29:03 -08:00
parent b9eb093c3c
commit 92517e4c03
1 changed files with 0 additions and 4 deletions
--- a/cmds/app_process/app_main.cpp
+++ b/cmds/app_process/app_main.cpp
@@ -184,10 +184,6 @@ static const char ZYGOTE_NICE_NAME[] = "zygote";

 int main(int argc, char* const argv[])
 {
-    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) < 0) {
-        LOG_ALWAYS_FATAL("PR_SET_NO_NEW_PRIVS failed: %s", strerror(errno));
-    }
-
    if (!LOG_NDEBUG) {
      String8 argv_String;
      for (int i = 0; i < argc; ++i) {