)]}'
{
  "commit": "3082eb7c7253c62a06aa151a80487a4eabd49914",
  "tree": "e5abbf2253e6f518a60f8be874a636c101153e44",
  "parents": [
    "4211358c7448147388c5e4af3e0e5472def83a3b"
  ],
  "author": {
    "name": "Nick Kralevich",
    "email": "nnk@google.com",
    "time": "Wed Feb 15 15:12:31 2017 -0800"
  },
  "committer": {
    "name": "Nick Kralevich",
    "email": "nnk@google.com",
    "time": "Wed Feb 15 15:12:31 2017 -0800"
  },
  "message": "system_server: add CAP_SYS_PTRACE\n\nCommit https://android.googlesource.com/kernel/common/+/f0ce0eee added\nCAP_SYS_RESOURCE as a capability check which would allow access to\nsensitive /proc/PID files. system_server uses this capability to collect\nsmaps from managed processes. Presumably this was done to avoid the\nimplications of granting CAP_SYS_PTRACE to system_server.\n\nHowever, with SELinux enforcement, we can grant CAP_SYS_PTRACE but not\nallow ptrace attach() to other processes. The net result of this is that\nCAP_SYS_PTRACE and CAP_SYS_RESOURCE have identical security controls, as\nlong as system_server:process ptrace is never granted.\n\nAdd CAP_SYS_PTRACE to the set of capabilities granted to system_server.\n\nDon\u0027t delete CAP_SYS_RESOURCE for now. SELinux has blocked the use of\nCAP_SYS_RESOURCE, but we still want to generate audit logs if it\u0027s\ntriggered. CAP_SYS_RESOURCE can be deleted in a future commit.\n\nBug: 34951864\nTest: Device boots, functionality remains identical, no sys_resource\ndenials from system_server.\n\nChange-Id: I2570266165396dba2b600eac7c42c94800d9c65b\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "0b5a1b72f9ea0f0384b967b4e5e06bb5577e68f0",
      "old_mode": 33188,
      "old_path": "core/java/com/android/internal/os/ZygoteInit.java",
      "new_id": "310cbc7af092dc0784e91712a198d31446a63da8",
      "new_mode": 33188,
      "new_path": "core/java/com/android/internal/os/ZygoteInit.java"
    }
  ]
}
