Skip to content
Commit 59972218 authored by Josh Gao's avatar Josh Gao
Browse files

zygote: don't drop CAP_SYS_PTRACE from the bounding set.

crash_dump needs to acquire CAP_SYS_PTRACE to be able to ptrace
processes with capabilities. selinux should hopefully be sufficient for
restricting ptrace to processes that should do it.

Bug: http://b/34694637
Test: debuggerd `pidof system_server`
Change-Id: If46f0b9baa54529780f7767f309f76b102a42ab4
parent 35c71533
Loading
Loading
Loading
Loading
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment