From 027429a34fd229d7546640bd5b629156da8dd0fd Mon Sep 17 00:00:00 2001
From: Alistair Strachan <alistair.strachan@imgtec.com>
Date: Wed, 17 Jul 2013 10:41:49 -0700
Subject: Restore default umask after forking for update-binary.

A system/core change made in Mar 26 2012 6ebf12f "init: Change umask
of forked processes to 077" changed the default umask of services
forked from init.

Because recovery is forked from init, it has a umask of 077. Therefore
when update-binary is forked from recovery, it too has a umask of 077.

This umask is overly restrictive and can cause problems for scripts
relying on minzip to extract binaries directly into the target
filesystem. Any directories updated by minzip will have their
permissions reset to r-x------ and created files will have similarly
restrictive permissions.

As it seems unlikely this security measure was intended to have this
side effect on legacy sideloads that do not have chmods to repair
the damage done by minzip, this change reverts the umask to 022 in
the fork made for update-binary.

Change-Id: Ib1a3fc83aa4ecc7480b5d0c00f3c7d0d040d4887
---
 install.cpp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install.cpp b/install.cpp
index 797a525fd..980830cc0 100644
--- a/install.cpp
+++ b/install.cpp
@@ -120,6 +120,7 @@ try_update_binary(const char *path, ZipArchive *zip, int* wipe_cache) {
 
     pid_t pid = fork();
     if (pid == 0) {
+        umask(022);
         close(pipefd[0]);
         execv(binary, (char* const*)args);
         fprintf(stdout, "E:Can't run %s (%s)\n", binary, strerror(errno));
-- 
cgit v1.2.3