Permalink
Browse files

Changed default mode for journal files created by sqlite.

Previous to this, the temporary journal files created by sqlite
were globally readable, leading to the possible leakage of
sensitive data (CVE-2011-3901).

Bug: 6222215
Change-Id: I29a85c9077c622b038e7fb190c3d7833b924df99
  • Loading branch information...
1 parent 488d783 commit c69e7a40de841993dd1bebf32269f195a90b9f00 @gcondra gcondra committed Mar 25, 2012
Showing with 1 addition and 1 deletion.
  1. +1 −1 dist/Android.mk
View
@@ -10,7 +10,7 @@ LOCAL_PATH:= $(call my-dir)
# SQLITE_TEMP_STORE=3 causes all TEMP files to go into RAM. and thats the behavior we want
# SQLITE_ENABLE_FTS3 enables usage of FTS3 - NOT FTS1 or 2.
# SQLITE_DEFAULT_AUTOVACUUM=1 causes the databases to be subject to auto-vacuum
-common_sqlite_flags := -DHAVE_USLEEP=1 -DSQLITE_DEFAULT_JOURNAL_SIZE_LIMIT=1048576 -DSQLITE_THREADSAFE=1 -DNDEBUG=1 -DSQLITE_ENABLE_MEMORY_MANAGEMENT=1 -DSQLITE_DEFAULT_AUTOVACUUM=1 -DSQLITE_TEMP_STORE=3 -DSQLITE_ENABLE_FTS3 -DSQLITE_ENABLE_FTS3_BACKWARDS -DSQLITE_DEFAULT_FILE_FORMAT=4
+common_sqlite_flags := -DHAVE_USLEEP=1 -DSQLITE_DEFAULT_JOURNAL_SIZE_LIMIT=1048576 -DSQLITE_THREADSAFE=1 -DNDEBUG=1 -DSQLITE_ENABLE_MEMORY_MANAGEMENT=1 -DSQLITE_DEFAULT_AUTOVACUUM=1 -DSQLITE_TEMP_STORE=3 -DSQLITE_ENABLE_FTS3 -DSQLITE_ENABLE_FTS3_BACKWARDS -DSQLITE_DEFAULT_FILE_FORMAT=4 -DSQLITE_DEFAULT_FILE_PERMISSIONS=0600
common_src_files := sqlite3.c

0 comments on commit c69e7a4

Please sign in to comment.