No, I'm running a modified Ion build actually. Are you saying that it would be different on some other device/image? I can flash and find out easily enough (yay nandroid).
On Mon, Jul 20, 2009 at 10:19 AM, David Turner <[email protected]> wrote: > > > On Mon, Jul 20, 2009 at 4:14 PM, Disconnect <[email protected]>wrote: > >> /data only contains - on this running dream, with mostly standard firmware >> - a few directories, none of which are directly application related and all >> of which appear to be standard: > > > What is a "mostly standard firmware" exactly? Are you referring to one of > the JF builds? > > >> >> drwxrwx--x shell shell 2009-05-28 19:49 local >> drwxrwx--x system system 2009-05-28 19:49 data >> drwx------ root root 2009-05-28 19:49 property >> drwxrwx--x system system 2009-05-28 19:49 app-private >> drwxrwxr-x system system 2009-05-28 19:49 system >> drwxr-xr-x system system 2009-05-30 20:41 tombstones >> drwxrwx--x system system 2009-05-28 19:49 dalvik-cache >> drwxrwx--- root root 2009-05-28 19:49 lost+found >> drwxrwx--x system system 2009-05-28 19:49 app >> drwxrwxrwx system system 2009-05-28 19:49 anr >> drwxrwx--- root root 2009-05-28 19:49 lost+found >> drwxrwx--t system misc 2009-05-28 19:49 misc >> drwxrwx--- root root 2009-05-28 19:49 lost+found >> >> Most of those are world-readable anyway.. (and joy, that lost+found bug >> still lives. Fun.) >> >> Even if we assume /data/data, then if that were true guessing the >> application name would have the same vulnerability. Reading /data/data is an >> information leak (what apps are installed, and/or might have data saved) but >> it is not an application-data leak. >> >> As an aside, there are some definite leaks in that list - anr/traces.txt >> for example. And why are all the application data directories >> world-readable? That sounds like a much bigger potential problem than being >> able to see that /data has a standard layout. >> >> >> On Mon, Jul 20, 2009 at 2:25 AM, Romain Guy<[email protected]> wrote: >> > >> > That would (potentially) allow any application to read and write the >> > data of other applications. So yes, there's a threat. >> > >> > On Sun, Jul 19, 2009 at 11:23 PM, tstanly<[email protected]> wrote: >> >> >> >> hi, >> >> >> >> i change the mode for /data, >> >> chmod 777 /data >> >> it's work! >> >> >> >> >> >> but is there have threat for changoing directory mode?? >> >> >> >> >> >> thanks! >> >> >> >> >> >> >> >> On 7月20日, 下午2時04分, tstanly <[email protected]> wrote: >> >>> hi all, >> >>> >> >>> use file class, >> >>> file("/data").listfiles(); >> >>> there is notiong can show, >> >>> >> >>> but use >> >>> file("/").listfiles(); >> >>> it works! >> >>> >> >>> so is there some limit for directory under /data ?? >> >>> >> >>> thanks! >> >> > >> >> >> > >> > >> > >> > -- >> > Romain Guy >> > Android framework engineer >> > [email protected] >> > >> > Note: please don't send private questions to me, as I don't have time >> > to provide private support. All such questions should be posted on >> > public forums, where I and others can see and answer them >> > >> > > >> > >> >> >> >> > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~----------~----~----~----~------~----~------~--~---
