TheArchive/Magisk
1
0
Fork 0
mirror of https://github.com/topjohnwu/Magisk.git synced 2024-11-28 04:25:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix checking order

Browse Source
This commit is contained in:
topjohnwu 2017-04-16 23:10:18 +08:00
parent 743c4f554d
commit 222c31b306
1 changed files with 30 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
su.c
View File

@ -311,6 +311,36 @@ int su_daemon_main(int argc, char **argv) {
optind++;
}
// The su_context setup is done, now every error leads to deny
err_handler = deny;
// It's in multiuser mode
if (ctx.from.uid > 99999) {
ctx.user.android_user_id = ctx.from.uid / 100000;
if (ctx.user.multiuser_mode == MULTIUSER_MODE_USER) {
snprintf(ctx.user.database_path, PATH_MAX, "%s/%d/%s",
USER_DATA_PATH, ctx.user.android_user_id, REQUESTOR_DATABASE_PATH);
snprintf(ctx.user.base_path, PATH_MAX, "%s/%d/%s",
USER_DATA_PATH, ctx.user.android_user_id, REQUESTOR);
}
}
// verify superuser is installed
xstat(ctx.user.base_path, &st);
// odd perms on superuser data dir
if (st.st_gid != st.st_uid) {
LOGE("Bad uid/gid %d/%d for Superuser Requestor application",
(int)st.st_uid, (int)st.st_gid);
deny();
}
// always allow if this is the superuser uid
// superuser needs to be able to reenable itself when disabled...
if (ctx.from.uid == st.st_uid) {
allow();
}
// Check property of root configuration
char *root_prop = getprop(ROOT_ACCESS_PROP);
if (root_prop) {
@ -335,41 +365,11 @@ int su_daemon_main(int argc, char **argv) {
}
free(root_prop);
// The su_context setup is done, now every error leads to deny
err_handler = deny;
// It's in multiuser mode
if (ctx.from.uid > 99999) {
ctx.user.android_user_id = ctx.from.uid / 100000;
if (ctx.user.multiuser_mode == MULTIUSER_MODE_USER) {
snprintf(ctx.user.database_path, PATH_MAX, "%s/%d/%s",
USER_DATA_PATH, ctx.user.android_user_id, REQUESTOR_DATABASE_PATH);
snprintf(ctx.user.base_path, PATH_MAX, "%s/%d/%s",
USER_DATA_PATH, ctx.user.android_user_id, REQUESTOR);
}
}
// Allow root to start root
if (ctx.from.uid == UID_ROOT) {
allow();
}
// verify superuser is installed
xstat(ctx.user.base_path, &st);
// odd perms on superuser data dir
if (st.st_gid != st.st_uid) {
LOGE("Bad uid/gid %d/%d for Superuser Requestor application",
(int)st.st_uid, (int)st.st_gid);
deny();
}
// always allow if this is the superuser uid
// superuser needs to be able to reenable itself when disabled...
if (ctx.from.uid == st.st_uid) {
allow();
}
// deny if this is a non owner request and owner mode only
if (ctx.user.multiuser_mode == MULTIUSER_MODE_OWNER_ONLY && ctx.user.android_user_id != 0) {
deny();