Update minijail0 rule per security recommendations
BUG=chromium:712706
TEST=Build package for Guado board and test if the update process is started correctly.
Change-Id: I792e83605b04ceac796f72fcb1114ae9368cbab8
Reviewed-on: https://chromium-review.googlesource.com/502328
Commit-Ready: Bernie Thompson <bhthompson@chromium.org>
Tested-by: Jen-Chieh Huang <jenchiehhuang@chromium.org>
Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
diff --git a/conf/90-displaylink-usb.rules b/conf/90-displaylink-usb.rules
index 88de4c6..e57b783 100644
--- a/conf/90-displaylink-usb.rules
+++ b/conf/90-displaylink-usb.rules
@@ -3,4 +3,4 @@
# updater to check the PID
SUBSYSTEM=="usb", ACTION=="add", ENV{ID_VENDOR_ID}=="17e9", \
OWNER="cfm-firmware-updaters", GROUP="cfm-firmware-updaters", MODE="0664" \
- RUN+="/sbin/minijail0 -u cfm-firmware-updaters -g cfm-firmware-updaters -e -i -l -N -v -r -n -- /usr/sbin/mimo-updater /lib/firmware/displaylink/mimofw_0x016B_0x00000001.bin"
+ RUN+="/sbin/minijail0 -u cfm-firmware-updaters -g cfm-firmware-updaters -e -i -l -N -v -r -n -p -- /usr/sbin/mimo-updater /lib/firmware/displaylink/mimofw_0x016B_0x00000001.bin"