diff options
| author | Dianne Hackborn <hackbod@google.com> | 2014-09-12 15:38:33 -0700 |
|---|---|---|
| committer | Dianne Hackborn <hackbod@google.com> | 2014-09-12 15:38:33 -0700 |
| commit | 0fcef84cca23724c13ecfe775b90dec3614cc3e3 (patch) | |
| tree | 85ab7041515cb94ccc2e06522d99cc01581ac979 | |
| parent | 098116854e5b2500d71a1d7b5cce499edf31d287 (diff) | |
| download | frameworks_base-0fcef84cca23724c13ecfe775b90dec3614cc3e3.zip frameworks_base-0fcef84cca23724c13ecfe775b90dec3614cc3e3.tar.gz frameworks_base-0fcef84cca23724c13ecfe775b90dec3614cc3e3.tar.bz2 | |
Fix issue #17479850: AppOpsManager.checkPackage() allows...
...root or shell to claim any package name
Re-arrange so checkPackage() doesn't go through the path where
the package name will be forced for root and shell uids.
Change-Id: I450cd6ac8148afd75b526724afdf46ab63de4c43
| -rw-r--r-- | services/core/java/com/android/server/AppOpsService.java | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/services/core/java/com/android/server/AppOpsService.java b/services/core/java/com/android/server/AppOpsService.java index ef6e07c..c3465d1 100644 --- a/services/core/java/com/android/server/AppOpsService.java +++ b/services/core/java/com/android/server/AppOpsService.java @@ -631,7 +631,7 @@ public class AppOpsService extends IAppOpsService.Stub { @Override public int checkPackage(int uid, String packageName) { synchronized (this) { - if (getOpsLocked(uid, packageName, true) != null) { + if (getOpsRawLocked(uid, packageName, true) != null) { return AppOpsManager.MODE_ALLOWED; } else { return AppOpsManager.MODE_ERRORED; @@ -769,6 +769,15 @@ public class AppOpsService extends IAppOpsService.Stub { } private Ops getOpsLocked(int uid, String packageName, boolean edit) { + if (uid == 0) { + packageName = "root"; + } else if (uid == Process.SHELL_UID) { + packageName = "com.android.shell"; + } + return getOpsRawLocked(uid, packageName, edit); + } + + private Ops getOpsRawLocked(int uid, String packageName, boolean edit) { HashMap<String, Ops> pkgOps = mUidOps.get(uid); if (pkgOps == null) { if (!edit) { @@ -777,11 +786,6 @@ public class AppOpsService extends IAppOpsService.Stub { pkgOps = new HashMap<String, Ops>(); mUidOps.put(uid, pkgOps); } - if (uid == 0) { - packageName = "root"; - } else if (uid == Process.SHELL_UID) { - packageName = "com.android.shell"; - } Ops ops = pkgOps.get(packageName); if (ops == null) { if (!edit) { |