diff options
| author | Andrey Artemiev <artemiev@google.com> | 2022-06-02 23:43:21 +0000 |
|---|---|---|
| committer | Aleksandr Nogikh <wp32pw@gmail.com> | 2022-06-03 18:36:09 +0200 |
| commit | c885789257c76ea4479ea36282f5e0a2c7861e26 (patch) | |
| tree | 25a5e2e05c4a3d7a5ee3acd6cc33248c81141204 /executor | |
| parent | 438e961a3d21d171d2a07c566f0c512b1481e18c (diff) | |
executor: fixed sandbox 'android'
Diffstat (limited to 'executor')
| -rw-r--r-- | executor/common_linux.h | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/executor/common_linux.h b/executor/common_linux.h index b30366a87..48236ce3b 100644 --- a/executor/common_linux.h +++ b/executor/common_linux.h @@ -4163,6 +4163,8 @@ static int do_sandbox_android(void) if (setresgid(UNTRUSTED_APP_GID, UNTRUSTED_APP_GID, UNTRUSTED_APP_GID) != 0) fail("do_sandbox_android: setresgid failed"); + setup_binderfs(); + #if GOARCH_arm || GOARCH_arm64 || GOARCH_386 || GOARCH_amd64 // Will fail() if anything fails. // Must be called when the new process still has CAP_SYS_ADMIN, in this case, @@ -4179,7 +4181,6 @@ static int do_sandbox_android(void) setfilecon(".", SELINUX_LABEL_APP_DATA_FILE); setcon(SELINUX_CONTEXT_UNTRUSTED_APP); - setup_binderfs(); loop(); doexit(1); } |