Developer discovered vulnerability in Exynos 4-powered devices, including the Galaxy S2 and Galaxy Note.
Security Hole Found in Several Samsung Smartphones : Read more
Security Hole Found in Several Samsung Smartphones : Read more
The question is why permissions are set to read/write for all in kernel AND in ueventd.smdk4x12.rc:•samsung developper in charge of this would lose his job
•some samsung apps with basic rights need to access it (I doubt it)
•a huge mistake
A simple patch could be to set permissions to 0660 or 0600 in ueventd.smdk4x12.rc, but I don't know how it would affect samsung applications/services.