Issue 621552 link

Starred by 1 user

Issue metadata

Status:	Verified
Owner:	█ dtor@chromium.org Last visit > 30 days ago
Closed:	Jun 2016
EstimatedDays:	----
NextAction:	----
OS:	Linux
Pri:	1
Type:	Bug

Blocking:
issue 621500

New fscap binary detected in builds with Android enabled

Project Member Reported by groeck@chromium.org, Jun 20 2016

Issue description

The veryon_minnie canary reports the following error.

ANCHOR  TestFailure{bvt-inline,security_SuidBinaries.fscap,New fscap binaries:
/opt/google/containers/android/rootfs/root/system/bin/run-as = cap_setgid,cap_setuid+ep}

Reference to failed test:

build artifacts: https://storage.cloud.google.com/?arg=chromeos-image-archive/veyron_minnie-release/R53-8477.0.0.
results log: http://cautotest.corp.google.com/tko/retrieve_logs.cgi?job=/results/67307612-chromeos-test/chromeos4-row9-rack9-host6/debug/.
status log: http://cautotest.corp.google.com/tko/retrieve_logs.cgi?job=/results/67307612-chromeos-test/chromeos4-row9-rack9-host6/status.log.

Project Member

Comment 1 by bugdroid1@chromium.org, Jun 21 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/autotest/+/364f7b1ff95050e021e080aebf1a80879058d0c4

commit 364f7b1ff95050e021e080aebf1a80879058d0c4
Author: Dmitry Torokhov <dtor@chromium.org>
Date: Mon Jun 20 19:15:13 2016

security_SuidBinaries: add Android's run-as to the list

The run-as utility is shipped in all Android builds, and it has enhanced
capabilities, so let's add it to the list.

BUG= chromium:621552 
TEST=build, run test.

Change-Id: I6e3541abdc3db4a6f27201f915320d8095526df7
Signed-off-by: Dmitry Torokhov <dtor@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/354111
Reviewed-by: Mike Frysinger <vapier@chromium.org>

[modify] https://crrev.com/364f7b1ff95050e021e080aebf1a80879058d0c4/client/site_tests/security_SuidBinaries/baseline.fscap

Comment 2 by dtor@chromium.org, Jun 21 2016

Status: Fixed (was: Untriaged)

Comment 3 by groeck@chromium.org, Jun 21 2016

Status: Verified (was: Fixed)

►

Issue 621552 link

Issue metadata

New fscap binary detected in builds with Android enabled

Issue description

Comment 1 by bugdroid1@chromium.org, Jun 21 2016

Comment 1 Deleted

Comment 2 by dtor@chromium.org, Jun 21 2016

Comment 2 Deleted

Comment 3 by groeck@chromium.org, Jun 21 2016

Comment 3 Deleted

Sign in to add a comment