From 92517e4c035f3c94f46b642798cccf24ce774135 Mon Sep 17 00:00:00 2001
From: Josh Gao <jmgao@google.com>
Date: Tue, 3 Jan 2017 13:29:03 -0800
Subject: [PATCH] app_process: don't use PR_SET_NO_NEW_PRIVS.

selinux should provide equivalent protection, and this prevents
transitioning to a helper binary for crash dumping.

Bug: http://b/30705528
Change-Id: I64b05236931d418f268b193418e937ab6b0985e0
---
 cmds/app_process/app_main.cpp | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/cmds/app_process/app_main.cpp b/cmds/app_process/app_main.cpp
index d5580acce4f8a..0ea141c292dd6 100644
--- a/cmds/app_process/app_main.cpp
+++ b/cmds/app_process/app_main.cpp
@@ -184,10 +184,6 @@ static const char ZYGOTE_NICE_NAME[] = "zygote";
 
 int main(int argc, char* const argv[])
 {
-    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) < 0) {
-        LOG_ALWAYS_FATAL("PR_SET_NO_NEW_PRIVS failed: %s", strerror(errno));
-    }
-
     if (!LOG_NDEBUG) {
       String8 argv_String;
       for (int i = 0; i < argc; ++i) {