runcon works by saying "when i exec, switch to this context" and then calling exec. unfortunately, xexec is too clever and will avoid actually exec'ing if it recognizes that it would just be a call back into toybox.
so "runcon blah /system/bin/id" would work, because toybox would actually exec, but "runcon blah id" wouldn't, because toybox would just toy_exec "id". this was subtle enough to go unnoticed for some time.

i've "fixed" it for now by just setting CONFIG_TOYBOX_NORECURSE=y (https://android-review.googlesource.com/#/c/196953/) but i wondered whether we should have a #error or something in runcon.c to make it clear if you're building a broken configuration?

--
Elliott Hughes - http://who/enh - http://jessies.org/~enh/
Android native code/tools questions? Mail me/drop by/add me as a reviewer.
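
A small C model of the behaviour described in the message above, added here as an illustration; it is not toybox code and not part of the original mail. The `model_*` functions, the builtin table and the context strings are constructed stand-ins that only imitate `setexeccon()`, `execve()` and toybox's `xexec`.

```c
#include <stdio.h>
#include <string.h>

/* Model of one process: exec_ctx is pending until an execve() happens. */
struct proc { const char *ctx; const char *exec_ctx; };

/* Constructed stand-in for the multicall binary's command table. */
static const char *builtins[] = { "id", "ls", "runcon" };

static int is_builtin(const char *name)
{
    for (size_t i = 0; i < sizeof(builtins) / sizeof(*builtins); i++)
        if (!strcmp(name, builtins[i])) return 1;
    return 0;
}

/* Models setexeccon(): records the context to use "when i exec". */
static void model_setexeccon(struct proc *p, const char *ctx) { p->exec_ctx = ctx; }

/* Models execve(): the only point where the pending context takes effect. */
static void model_execve(struct proc *p)
{
    if (p->exec_ctx) { p->ctx = p->exec_ctx; p->exec_ctx = NULL; }
}

/* Models xexec: without NORECURSE a bare builtin name runs in-process. */
static void model_xexec(struct proc *p, const char *cmd, int norecurse)
{
    if (!norecurse && is_builtin(cmd)) return; /* toy_exec path: no execve */
    model_execve(p);
}

/* Models "runcon CTX CMD"; returns the context CMD ends up running in. */
const char *model_runcon(const char *ctx, const char *cmd, int norecurse)
{
    struct proc p = { "u:r:shell:s0", NULL }; /* constructed starting context */
    model_setexeccon(&p, ctx);
    model_xexec(&p, cmd, norecurse);
    return p.ctx;
}

int main(void)
{
    const char *cmds[] = { "id", "/system/bin/id" };
    for (int nr = 0; nr < 2; nr++)
        for (int i = 0; i < 2; i++)
            printf("NORECURSE=%d runcon u:r:target:s0 %-15s -> %s\n", nr,
                   cmds[i], model_runcon("u:r:target:s0", cmds[i], nr));
    return 0;
}
```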
