Make /dev/__properties__ 0711
Don't allow processes to read the contents of the directory
/dev/__properties__. This is an implementation detail of the properties
system that processes shouldn't be concerned with.
Test: Device boots and no problems reading individual properties.
Test: ls -la /dev/__properties__ fails
Change-Id: I00130fe4529525935654bff91e3cc59253b86e26
diff --git a/libc/bionic/system_properties.cpp b/libc/bionic/system_properties.cpp
index 0f68431..e925d23 100644
--- a/libc/bionic/system_properties.cpp
+++ b/libc/bionic/system_properties.cpp
@@ -1046,7 +1046,7 @@
int __system_property_area_init()
{
free_and_unmap_contexts();
- mkdir(property_filename, S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH);
+ mkdir(property_filename, S_IRWXU | S_IXGRP | S_IXOTH);
if (!initialize_properties()) {
return -1;
}
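Review bot: The new `mkdir(property_filename, S_IRWXU | S_IXGRP | S_IXOTH)` call still ignores its return value, and mkdir() applies the mode only when it creates the directory (and then only after the process umask is applied). If `/dev/__properties__` already exists when `__system_property_area_init()` runs, which cannot be ruled out from this hunk, the old 0755 bits would stay in place and the listing restriction would silently not apply. Consider checking the result, `if (mkdir(property_filename, S_IRWXU | S_IXGRP | S_IXOTH) != 0 && errno != EEXIST) return -1;`, and setting the mode explicitly with `chmod(property_filename, S_IRWXU | S_IXGRP | S_IXOTH);`. A short comment such as `// 0711: search-only for group/other, so known property files can be opened but the directory cannot be enumerated` would record the intent. It is also worth noting that search permission still lets a process test for a specific file name. The function body continues outside the hunk.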