diff options
| author | Ricardo Cerqueira <cyanogenmod@cerqueira.org> | 2013-06-11 04:24:25 -0700 |
|---|---|---|
| committer | Gerrit Code Review <gerrit@cyanogenmod.org> | 2013-06-11 04:24:25 -0700 |
| commit | 26be679a20239eeb00f3aee5080ae600f499910f (patch) | |
| tree | 1d91fed9c5cb66913fd0b127f47f056530b2d2a2 | |
| parent | fb0360bc36831cd3d5d1dd19e01ff6e76d4426f4 (diff) | |
| parent | e79310eb7fe1402aecfe12016d855ba24cb9b8b1 (diff) | |
| download | system_core-26be679a20239eeb00f3aee5080ae600f499910f.zip system_core-26be679a20239eeb00f3aee5080ae600f499910f.tar.gz system_core-26be679a20239eeb00f3aee5080ae600f499910f.tar.bz2 | |
Merge "init.rc: setup qtaguid group ownership of ctrl and stat files" into cm-10.1
| -rw-r--r-- | rootdir/init.rc | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/rootdir/init.rc b/rootdir/init.rc index 1ed1e07..8e068a0 100644 --- a/rootdir/init.rc +++ b/rootdir/init.rc @@ -129,6 +129,12 @@ loglevel 3 write /dev/cpuctl/apps/bg_non_interactive/cpu.rt_runtime_us 700000 write /dev/cpuctl/apps/bg_non_interactive/cpu.rt_period_us 1000000 +# qtaguid will limit access to specific data based on group memberships. +# net_bw_acct grants impersonation of socket owners. +# net_bw_stats grants access to other apps' detailed tagged-socket stats. + chown root net_bw_acct /proc/net/xt_qtaguid/ctrl + chown root net_bw_stats /proc/net/xt_qtaguid/stats + # Allow everybody to read the xt_qtaguid resource tracking misc dev. # This is needed by any process that uses socket tagging. chmod 0644 /dev/xt_qtaguid |