commit | d6fec06b797695fe1762b489abe5361ccc3c2005 | [log] [tgz] |
---|---|---|
author | Nick Kralevich <nnk@google.com> | Fri Jan 27 13:06:53 2012 -0800 |
committer | Nick Kralevich <nnk@google.com> | Fri Apr 27 13:32:32 2012 -0700 |
tree | 822006f3908db085b8b98620bca2c6499ec8c11a | |
parent | 5ebced39093d1223566166b8cc6abfe6729c487d [diff] |
Restrict zygote to system user. CVE-2011-3918: Address denial of service attack against Android's zygote process. This change enforces that only UID=system can directly connect to zygote to spawn processes. Change-Id: I89f5f05fa44ba8582920b66854df3e79527ae067