From 3006871c272cdd42af76e12820eec6411530f641 Mon Sep 17 00:00:00 2001
From: Will Greenberg <willg@eff.org>
Date: Tue, 23 Jul 2024 11:37:32 -0700
Subject: [PATCH] rootshell: add some more comments explaining the magic GIDs

---
 rootshell/src/main.rs | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/rootshell/src/main.rs b/rootshell/src/main.rs
index baab292..d70d73b 100644
--- a/rootshell/src/main.rs
+++ b/rootshell/src/main.rs
@@ -11,6 +11,9 @@ use nix::unistd::Gid;
 fn main() {
    let mut args = env::args();
 
+   // Android's "paranoid network" feature restricts network access to
+   // processes in specific groups. More info here:
+   // https://www.elinux.org/Android_Security#Paranoid_network-ing
    let gids = &[
       Gid::from_raw(3003), // AID_INET
       Gid::from_raw(3004), // AID_NET_RAW