am 9451a040: Drop privileges to nobody:nobody, use supplementary groups as needed.

* commit '9451a040340733ef044493ca396d8fb087df59e0':
  Drop privileges to nobody:nobody, use supplementary groups as needed.

2 files changed, 3 insertions, 3 deletions

diff --git a/config.h b/config.h
index edb70d0..5dcfad6 100644
--- a/config.h
+++ b/config.h
@@ -246,10 +246,10 @@
 
 /* TODO(b/23651876) Reserve proper unprivileged uid/gid for the helper. */
 /* Unprivileged group */
-#define UNPRIV_GROUP "inet"
+#define UNPRIV_GROUP "nobody"
 
 /* Unprivileged user */
-#define UNPRIV_USER "inet"
+#define UNPRIV_USER "nobody"
 
 /* if PolarSSL is enabled */
 /* #undef USE_POLARSSL */
diff --git a/init/tlsdated.rc b/init/tlsdated.rc
index 2418255..87468af 100644
--- a/init/tlsdated.rc
+++ b/init/tlsdated.rc
@@ -1,5 +1,5 @@
 # Init file for starting tlsdated on Android.
-service tlsdated /system/bin/tlsdated -v -l -s -G dbus -- /system/bin/tlsdate -v -C /system/etc/security/cacerts -l
+service tlsdated /system/bin/tlsdated -v -l -s -G dbus,inet -- /system/bin/tlsdate -v -C /system/etc/security/cacerts -l
     class main
     # This daemon needs to start as root and drops privileges early on.
     user root