From 523971c63b424535fc172264dd2d52fac9d718cd Mon Sep 17 00:00:00 2001
From: "Kevin F. Haggerty" <haggertk@lineageos.org>
Date: Thu, 28 Dec 2017 09:01:32 -0700
Subject: [PATCH] macloader: Stop allowing G and O write perms to the cidfile

* Only macloader should ever write to this, but others (e.g,
  libbt-vendor.so) read from it. 0644 is more than enough.

Change-Id: I3d2fb3dfec1ba81c9c382ed18c93114e641df4a0
---
 macloader/macloader.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/macloader/macloader.c b/macloader/macloader.c
index 3efcc0bd..343ed958 100644
--- a/macloader/macloader.c
+++ b/macloader/macloader.c
@@ -230,7 +230,7 @@ int main() {
     ALOGD("Change permissions of %s\n", CID_PATH);
 
     fd = fileno(cidfile);
-    amode = S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH;
+    amode = S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH;
     ret = fchmod(fd, amode);
     if (ret != 0) {
         ALOGE("Can't set permissions on %s - %s\n",