Changed default mode for journal files created by sqlite.
Previous to this, the temporary journal files created by sqlite
were globally readable, leading to the possible leakage of
sensitive data (CVE-2011-3901).
Bug: 6222215
Change-Id: I29a85c9077c622b038e7fb190c3d7833b924df99
diff --git a/dist/Android.mk b/dist/Android.mk
index 78445dd..2fbe345 100644
--- a/dist/Android.mk
+++ b/dist/Android.mk
@@ -10,7 +10,7 @@
# SQLITE_TEMP_STORE=3 causes all TEMP files to go into RAM. and thats the behavior we want
# SQLITE_ENABLE_FTS3 enables usage of FTS3 - NOT FTS1 or 2.
# SQLITE_DEFAULT_AUTOVACUUM=1 causes the databases to be subject to auto-vacuum
-common_sqlite_flags := -DHAVE_USLEEP=1 -DSQLITE_DEFAULT_JOURNAL_SIZE_LIMIT=1048576 -DSQLITE_THREADSAFE=1 -DNDEBUG=1 -DSQLITE_ENABLE_MEMORY_MANAGEMENT=1 -DSQLITE_DEFAULT_AUTOVACUUM=1 -DSQLITE_TEMP_STORE=3 -DSQLITE_ENABLE_FTS3 -DSQLITE_ENABLE_FTS3_BACKWARDS -DSQLITE_DEFAULT_FILE_FORMAT=4
+common_sqlite_flags := -DHAVE_USLEEP=1 -DSQLITE_DEFAULT_JOURNAL_SIZE_LIMIT=1048576 -DSQLITE_THREADSAFE=1 -DNDEBUG=1 -DSQLITE_ENABLE_MEMORY_MANAGEMENT=1 -DSQLITE_DEFAULT_AUTOVACUUM=1 -DSQLITE_TEMP_STORE=3 -DSQLITE_ENABLE_FTS3 -DSQLITE_ENABLE_FTS3_BACKWARDS -DSQLITE_DEFAULT_FILE_FORMAT=4 -DSQLITE_DEFAULT_FILE_PERMISSIONS=0600
common_src_files := sqlite3.c
