Google Git
Sign in
fuchsia / fuchsia / 36780a91543957d7e10720744b080de5f52778f3
commit36780a91543957d7e10720744b080de5f52778f3[log] [tgz]
authorBrandon Castellano <bcastell@google.com>Wed Feb 12 10:15:36 2025 -0800
committerCQ Bot <fuchsia-internal-scoped@luci-project-accounts.iam.gserviceaccount.com>Wed Feb 12 10:15:36 2025 -0800
tree29e7a11799a59524d8d5b392ef2840f070dad0d5
parentf2564567bf617cc7e0d35700070062d8f30ff58d [diff]
[device-watcher] Open directories with PERM_READABLE

Previously in io1, the ability to enumerate directory entries and open
child entries was unprivileged. In the current io2 rights model, we want
to constrain these to the ENUMERATE and TRAVERSE/CONNECT rights,
respectively.

To ensure we can start to enforce this, we must ensure PERM_READABLE,
which is a convenient alias including these rights, is used when opening
directories that we want to perform these operations on.

Bug: 324111518
Change-Id: I8716ece193fe074984176e5f2f6be36c7dee8adf
Reviewed-on: https://fuchsia-review.googlesource.com/c/fuchsia/+/1204165
Commit-Queue: Brandon Castellano <bcastell@google.com>
Reviewed-by: Suraj Malhotra <surajmalhotra@google.com>
2 files changed
tree: 29e7a11799a59524d8d5b392ef2840f070dad0d5
  1. .helix/
  2. boards/
  3. build/
  4. bundles/
  5. docs/
  6. examples/
  7. infra/
  8. products/
  9. scripts/
  10. sdk/
  11. src/
  12. third_party/
  13. tools/
  14. zircon/
  15. .clang-format
  16. .clang-tidy
  17. .editorconfig
  18. .git-blame-ignore-revs
  19. .gitattributes
  20. .gitignore
  21. .gitmodules
  22. .gn
  23. .ignore
  24. analysis_options.yaml
  25. AUTHORS
  26. BUILD.gn
  27. CODE_OF_CONDUCT.md
  28. CONTRIBUTING.md
  29. fuchsia.code-workspace
  30. LICENSE
  31. OWNERS
  32. PATENTS
  33. pyproject.toml
  34. pyrightconfig.json
  35. README.md
  36. rustfmt.toml
  37. shac.star
  38. shac.textproto
README.md

Fuchsia

What is Fuchsia?

Fuchsia is an open source, general purpose operating system supporting modern 64-bit Intel and ARM processors.

We expect everyone interacting with our project to respect our code of conduct.

Read more about Fuchsia's principles.

How can I build and run Fuchsia?

See Getting Started.

Where can I learn more about Fuchsia?

See fuchsia.dev.