summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChristopher Tate <ctate@google.com>2013-05-06 13:07:05 -0700
committerNick Kralevich <nnk@google.com>2013-05-06 14:43:05 -0700
commit81c1d8d3a5aef6a423f0bb02de1b362b2f2d12df (patch)
tree8a45b3c04555026dc52810d252346e76372c8e09
parent6d8f5b755b133b308204b84145d773d401cdcd52 (diff)
downloadframeworks_base-81c1d8d3a5aef6a423f0bb02de1b362b2f2d12df.zip
frameworks_base-81c1d8d3a5aef6a423f0bb02de1b362b2f2d12df.tar.gz
frameworks_base-81c1d8d3a5aef6a423f0bb02de1b362b2f2d12df.tar.bz2
Ensure install-during-restore is like install-then-restore
When we've installed an apk from the archive, recheck whether to apply the system-uid policy restrictions around file system restores. Bug 8833099 (cherry picked from commit 2baf6dcfcf7fc1705db25e64dc0cb11fa3509d39) Change-Id: I972fe1543f2234aa76baf562d6f806175ac0248e
-rw-r--r--services/java/com/android/server/BackupManagerService.java11
1 files changed, 10 insertions, 1 deletions
diff --git a/services/java/com/android/server/BackupManagerService.java b/services/java/com/android/server/BackupManagerService.java
index 1f3f172..5fff8fd 100644
--- a/services/java/com/android/server/BackupManagerService.java
+++ b/services/java/com/android/server/BackupManagerService.java
@@ -3583,7 +3583,16 @@ class BackupManagerService extends IBackupManager.Stub {
} else {
// So far so good -- do the signatures match the manifest?
Signature[] sigs = mManifestSignatures.get(info.packageName);
- if (!signaturesMatch(sigs, pkg)) {
+ if (signaturesMatch(sigs, pkg)) {
+ // If this is a system-uid app without a declared backup agent,
+ // don't restore any of the file data.
+ if ((pkg.applicationInfo.uid < Process.FIRST_APPLICATION_UID)
+ && (pkg.applicationInfo.backupAgentName == null)) {
+ Slog.w(TAG, "Installed app " + info.packageName
+ + " has restricted uid and no agent");
+ okay = false;
+ }
+ } else {
Slog.w(TAG, "Installed app " + info.packageName
+ " signatures do not match restore manifest");
okay = false;