From 8767b8003231118d895cecee603796fd80bc6a44 Mon Sep 17 00:00:00 2001 From: Jeferson Oliveira Date: Wed, 16 Aug 2023 19:36:59 +0200 Subject: [PATCH] sm6150-common: rootdir: Restrict apps access to /proc/net/unix * Banking apps read the file /proc/net/unix to check system modifications, (in our case, custom rom) Let's avoid this by chmod it 440. Test: Install a banking app as of Brazilian Nubank or PicPay, login. Observed no side effects on any other process or apps Change-Id: Iec7897faf487785bdc202b146a50d9ac5fd1ea85 Signed-off-by: Jeferson Oliveira Signed-off-by: therealmharc --- rootdir/etc/init.target.rc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/rootdir/etc/init.target.rc b/rootdir/etc/init.target.rc index a7f347f..43b28e7 100644 --- a/rootdir/etc/init.target.rc +++ b/rootdir/etc/init.target.rc @@ -133,6 +133,9 @@ on property:sys.boot_completed=1 # Enable suspend to RAM write /sys/power/mem_sleep "deep" + # Only owner can acces this node + chmod 440 /proc/net/unix + service vendor.pd_mapper /vendor/bin/pd-mapper class core user system
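
Review bot: the comment added above `chmod 440 /proc/net/unix` in the `on property:sys.boot_completed=1` block says "Only owner can acces this node", but mode 440 grants read to both owner and group and removes read only for "other", so the comment does not describe what the line does (and "acces" is misspelled). Suggest rewording it to state the actual effect and the reason, for example "# Owner/group read only: hide /proc/net/unix from untrusted apps", and naming the uid and gid that keep access, since the hunk does not say who owns the node. Two further points on the same lines: the chmod sits under the `sys.boot_completed=1` trigger, so the node keeps its default mode until boot has finished, and it would be worth saying why this trigger was chosen rather than an earlier one. Also, the change applies to every process outside the owner and group, not only apps, while the Test: line covers two banking apps; please list which system or vendor daemons were checked for reads of this file so the "no side effects" statement can be verified.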