Update minijail0 rule per security recommendations BUG=chromium:712706 TEST=Build package for Guado board and test if the update process is started correctly. Change-Id: I792e83605b04ceac796f72fcb1114ae9368cbab8 Reviewed-on: https://chromium-review.googlesource.com/502328 Commit-Ready: Bernie Thompson <bhthompson@chromium.org> Tested-by: Jen-Chieh Huang <jenchiehhuang@chromium.org> Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>

commit: 6ee0c34335fd6d5752ca35cb909ca8fc48415295 [log] [tgz]
author: Jen-Chieh Huang <jenchiehhuang@google.com> Wed May 10 21:04:52 2017
committer: chrome-bot <chrome-bot@chromium.org> Fri May 26 00:16:05 2017
tree: 06514b6f33cd0de1d8e1c51500d0a21daf40a641
parent: ca4b9d39936daa0e31a7d842b4a4c666cdf053ce [diff]
diff --git a/conf/90-displaylink-usb.rules b/conf/90-displaylink-usb.rules
index 88de4c6..e57b783 100644
--- a/conf/90-displaylink-usb.rules
+++ b/conf/90-displaylink-usb.rules

@@ -3,4 +3,4 @@
 # updater to check the PID
 SUBSYSTEM=="usb", ACTION=="add", ENV{ID_VENDOR_ID}=="17e9", \
   OWNER="cfm-firmware-updaters", GROUP="cfm-firmware-updaters", MODE="0664" \
-  RUN+="/sbin/minijail0 -u cfm-firmware-updaters -g cfm-firmware-updaters -e -i -l -N -v -r -n -- /usr/sbin/mimo-updater /lib/firmware/displaylink/mimofw_0x016B_0x00000001.bin"
+  RUN+="/sbin/minijail0 -u cfm-firmware-updaters -g cfm-firmware-updaters -e -i -l -N -v -r -n -p -- /usr/sbin/mimo-updater /lib/firmware/displaylink/mimofw_0x016B_0x00000001.bin"
commit	6ee0c34335fd6d5752ca35cb909ca8fc48415295	[log] [tgz]
author	Jen-Chieh Huang <jenchiehhuang@google.com>	Wed May 10 21:04:52 2017
committer	chrome-bot <chrome-bot@chromium.org>	Fri May 26 00:16:05 2017
tree	06514b6f33cd0de1d8e1c51500d0a21daf40a641
parent	ca4b9d39936daa0e31a7d842b4a4c666cdf053ce [diff]