On 02/23/2016 04:06 AM, YongQin Liu wrote:
Here is the output of the commands, any new findings?
shell@flounder:/ $ su
current_uid=2000, current_euid=0, current_gid=2000, current_egid=2000
su: setgid failed: Operation not permitted
1|shell@flounder:/ $ cat /proc/self/status
CapInh: 0000000000000000
CapPrm: 0000000000000000
CapEff: 0000000000000000
CapBnd: 0000000000000000
Your bounding set is all-zeroes, so you can't gain any superuser
capabilities. This appears to be due to the prctl(PR_CAPBSET_DROP...)
call in core/jni/com_android_internal_os_Zygote.cpp.
shell@flounder:/ $ id -Z
context=u:r:shell:s0 <------is the "Operation not permitted" caused by
this? if so, should not there be some avc denials in logcat for dmesg?
shell@flounder:/ $
You said that SELinux was permissive, so it isn't relevant in this case
(but would indeed deny the capabilities if enforcing, and would generate
avc denials).
_______________________________________________
Seandroid-list mailing list
[email protected]
To unsubscribe, send email to [email protected].
To get help, send an email containing "help" to
[email protected].
