Mirrors/Magisk
1
0
Fork 0
mirror of https://github.com/topjohnwu/Magisk.git synced 2025-05-30 13:30:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Ensure manager can always bypass su access policy

Browse Source 
This fixes https://github.com/topjohnwu/Magisk/issues/9050.
This commit is contained in:
Wang Han 2025-05-20 00:10:28 +08:00 committed by John Wu
parent dc0acea47c
commit fada8b148a
1 changed files with 16 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
native/src/core/su/daemon.rs
View File

@ -241,6 +241,22 @@ impl MagiskD {
_ => uid, _ => uid,
}; };
let mut access = RootSettings::default();
self.get_root_settings(eval_uid, &mut access)?;
// We need to talk to the manager, get the app info
let (mgr_uid, mgr_pkg) =
if access.policy == SuPolicy::Query || access.log || access.notify {
self.get_manager(to_user_id(eval_uid), true)
} else {
(-1, String::new())
};
// If it's the manager, allow it silently
if to_app_id(uid) == to_app_id(mgr_uid) {
return Arc::new(SuInfo::allow(uid));
}
// Check su access settings // Check su access settings
match cfg.root_access { match cfg.root_access {
RootAccess::Disabled => { RootAccess::Disabled => {
@ -262,22 +278,6 @@ impl MagiskD {
_ => {} _ => {}
}; };
let mut access = RootSettings::default();
self.get_root_settings(eval_uid, &mut access)?;
// We need to talk to the manager, get the app info
let (mgr_uid, mgr_pkg) =
if access.policy == SuPolicy::Query || access.log || access.notify {
self.get_manager(to_user_id(eval_uid), true)
} else {
(-1, String::new())
};
// If it's the manager, allow it silently
if to_app_id(uid) == to_app_id(mgr_uid) {
return Arc::new(SuInfo::allow(uid));
}
// If still not determined, check if manager exists // If still not determined, check if manager exists
if access.policy == SuPolicy::Query && mgr_uid < 0 { if access.policy == SuPolicy::Query && mgr_uid < 0 {
return Arc::new(SuInfo::deny(uid)); return Arc::new(SuInfo::deny(uid));