Activity log for bug #1240223

Date: 2013-10-15 20:41:49
Who: Jamie Strandboge
What changed: bug
Message: added bug

Date: 2013-10-15 20:42:00
Who: Jamie Strandboge
What changed: tags
New value: avengers

Date: 2013-10-15 20:42:06
Who: Jamie Strandboge
What changed: information type
Old value: Private Security
New value: Public Security

Date: 2013-10-15 21:42:40
Who: Jamie Strandboge
What changed: summary
Old value: /userdata, /userdata/android-data and many files under /userdata/android-data are owned by system:system
New value: /userdata, /var/lib/lxc/android/rootfs/mnt, /userdata/android-data and many files under /userdata/android-data are owned by system:system

Date: 2013-10-15 21:43:28
Who: Jamie Strandboge
What changed: summary
Old value: /userdata, /var/lib/lxc/android/rootfs/mnt, /userdata/android-data and many files under /userdata/android-data are owned by system:system
New value: /userdata, /var/lib/lxc/android/rootfs/data and many other files and directories owned by system:system

Date: 2013-10-15 21:44:47
Who: Jamie Strandboge
What changed: description
Old value:

    /userdata drwxrwx--x system system

    Several services run as the system user (on mako image 96):
    system 727 0.0 0.0 1200 244 ? S 11:59 0:01 /system/bin/servicemanager
    system 744 0.2 0.0 7024 1584 ? Sl 11:59 0:38 /system/bin/sensorservice
    system 748 0.0 0.0 2144 616 ? S 11:59 0:00 /system/bin/qseecomd
    system 751 0.0 0.0 1456 560 ? S 11:59 0:00 /system/bin/qcks -i /firmware/image/ -r /data/tombstones/mdm/
    system 779 0.0 0.0 4212 504 ? Sl 11:59 0:03 /system/bin/qseecomd
    system 1740 0.0 0.0 1388 544 ? S 11:59 0:00 /system/bin/efsks -p /dev/ttyUSB0 -w /dev/block/platform/msm_sdcc.1/by-name/
    system 1864 0.0 0.0 1068 328 ? S 11:59 0:00 sh -c /system/bin/ks -m -w /dev/block/platform/msm_sdcc.1/by-name/ -p /dev/ttyUSB0 -t -1 -l
    system 1866 0.0 0.0 2452 1596 ? S 11:59 0:00 /system/bin/ks -m -w /dev/block/platform/msm_sdcc.1/by-name/ -p /dev/ttyUSB0 -t -1 -l

    A flaw in any of these services could wreak havoc on the system. For example, the phablet user is in /userdata/user-data/phablet, so while /userdata/user-data is root:root, the 'system' user owns the parent directory so it is able to rename it and cause a DoS against the phablet user. Furthermore, /userdata/android-data is also owned by the 'system' user, so it can delete/modify files in this directory at will.

New value:

    /userdata drwxrwx--x system system
    /var/lib/lxc/android/rootfs/cache drwxrwx--x system 2001
    /var/lib/lxc/android/rootfs/cache/recovery drwxrwx--- system 2001
    /var/lib/lxc/android/rootfs/cache/dalvik-cache drwxrwx--x system system
    /var/lib/lxc/android/rootfs/data drwxrwx--x system system
    /var/lib/lxc/android/rootfs/mnt drwxrwxr-x root system

    Several services run as the system user (on mako image 96):
    system 727 0.0 0.0 1200 244 ? S 11:59 0:01 /system/bin/servicemanager
    system 744 0.2 0.0 7024 1584 ? Sl 11:59 0:38 /system/bin/sensorservice
    system 748 0.0 0.0 2144 616 ? S 11:59 0:00 /system/bin/qseecomd
    system 751 0.0 0.0 1456 560 ? S 11:59 0:00 /system/bin/qcks -i /firmware/image/ -r /data/tombstones/mdm/
    system 779 0.0 0.0 4212 504 ? Sl 11:59 0:03 /system/bin/qseecomd
    system 1740 0.0 0.0 1388 544 ? S 11:59 0:00 /system/bin/efsks -p /dev/ttyUSB0 -w /dev/block/platform/msm_sdcc.1/by-name/
    system 1864 0.0 0.0 1068 328 ? S 11:59 0:00 sh -c /system/bin/ks -m -w /dev/block/platform/msm_sdcc.1/by-name/ -p /dev/ttyUSB0 -t -1 -l
    system 1866 0.0 0.0 2452 1596 ? S 11:59 0:00 /system/bin/ks -m -w /dev/block/platform/msm_sdcc.1/by-name/ -p /dev/ttyUSB0 -t -1 -l

    A flaw in any of these services could wreak havoc on the system. For example, the phablet user is in /userdata/user-data/phablet, so while /userdata/user-data is root:root, the 'system' user owns the parent directory so it is able to rename it and cause a DoS against the phablet user. Furthermore, /userdata/android-data is also owned by the 'system' user, so it can delete/modify files in this directory at will.

Date: 2014-07-01 16:52:26
Who: Bill Filler
What changed: bug task added
New value: android (Ubuntu)

Date: 2014-07-01 16:53:34
Who: Bill Filler
What changed: bug task deleted
Old value: touch-preview-images

Date: 2014-08-08 17:38:24
Who: Jamie Strandboge
What changed: android (Ubuntu): status
Old value: New
New value: Confirmed