From 70522addd031f6c667849f76c074e463a141c61d Mon Sep 17 00:00:00 2001 From: Nick Kralevich Date: Fri, 6 Jan 2012 13:58:01 -0800 Subject: [PATCH] Don't allow reading of packagelist files. Ensure that all requests to read the list of installed packages go through the PackageManager directly. Don't allow non-system program to directly read the raw package list files. Change-Id: Id083e6b3de4dd9173abfdc741ebf3f60997a1052 --- services/java/com/android/server/pm/Settings.java | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/services/java/com/android/server/pm/Settings.java b/services/java/com/android/server/pm/Settings.java index 36442a0c4fac0..32aa7a48344e1 100644 --- a/services/java/com/android/server/pm/Settings.java +++ b/services/java/com/android/server/pm/Settings.java @@ -713,8 +713,7 @@ final class Settings { mBackupStoppedPackagesFilename.delete(); FileUtils.setPermissions(mStoppedPackagesFilename.toString(), FileUtils.S_IRUSR|FileUtils.S_IWUSR - |FileUtils.S_IRGRP|FileUtils.S_IWGRP - |FileUtils.S_IROTH, + |FileUtils.S_IRGRP|FileUtils.S_IWGRP, -1, -1); // Done, all is good! @@ -951,8 +950,7 @@ final class Settings { mBackupSettingsFilename.delete(); FileUtils.setPermissions(mSettingsFilename.toString(), FileUtils.S_IRUSR|FileUtils.S_IWUSR - |FileUtils.S_IRGRP|FileUtils.S_IWGRP - |FileUtils.S_IROTH, + |FileUtils.S_IRGRP|FileUtils.S_IWGRP, -1, -1); // Write package list file now, use a JournaledFile. @@ -1007,8 +1005,7 @@ final class Settings { FileUtils.setPermissions(mPackageListFilename.toString(), FileUtils.S_IRUSR|FileUtils.S_IWUSR - |FileUtils.S_IRGRP|FileUtils.S_IWGRP - |FileUtils.S_IROTH, + |FileUtils.S_IRGRP|FileUtils.S_IWGRP, -1, -1); writeStoppedLPr();