diff options
author | Jeff Sharkey <jsharkey@android.com> | 2014-11-14 21:47:17 +0000 |
---|---|---|
committer | android-build-merger <android-build-merger@google.com> | 2014-11-14 21:47:17 +0000 |
commit | b536c7a69340b85ef70197bbc4e443205110e2a5 (patch) | |
tree | b3fbd089b0a3f81c54e1ce198deb5779ffe0cbed /core/java/android/webkit | |
parent | 90610df22758cfe256298a2af0b8bbc70963d7be (diff) | |
parent | 47d2c97e7084a676fe2b4d96683912279046b28c (diff) | |
download | frameworks_base-b536c7a69340b85ef70197bbc4e443205110e2a5.zip frameworks_base-b536c7a69340b85ef70197bbc4e443205110e2a5.tar.gz frameworks_base-b536c7a69340b85ef70197bbc4e443205110e2a5.tar.bz2 |
am 27936ad3: Merge "Block loading WebView in privileged processes." into lmp-mr1-dev
automerge: 47d2c97
* commit '47d2c97e7084a676fe2b4d96683912279046b28c':
Block loading WebView in privileged processes.
Diffstat (limited to 'core/java/android/webkit')
-rw-r--r-- | core/java/android/webkit/WebViewFactory.java | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/core/java/android/webkit/WebViewFactory.java b/core/java/android/webkit/WebViewFactory.java index 7b23d8f..474ef42 100644 --- a/core/java/android/webkit/WebViewFactory.java +++ b/core/java/android/webkit/WebViewFactory.java @@ -18,8 +18,8 @@ package android.webkit; import android.annotation.SystemApi; import android.app.ActivityManagerInternal; -import android.app.Application; import android.app.AppGlobals; +import android.app.Application; import android.content.Context; import android.content.pm.ApplicationInfo; import android.content.pm.PackageInfo; @@ -34,14 +34,14 @@ import android.os.Trace; import android.text.TextUtils; import android.util.AndroidRuntimeException; import android.util.Log; + import com.android.server.LocalServices; + import dalvik.system.VMRuntime; import java.io.File; import java.util.Arrays; -import com.android.internal.os.Zygote; - /** * Top level factory, used creating all the main WebView implementation classes. * @@ -91,6 +91,12 @@ public final class WebViewFactory { // us honest and minimize usage of WebView internals when binding the proxy. if (sProviderInstance != null) return sProviderInstance; + final int uid = android.os.Process.myUid(); + if (uid == android.os.Process.ROOT_UID || uid == android.os.Process.SYSTEM_UID) { + throw new UnsupportedOperationException( + "For security reasons, WebView is not allowed in privileged processes"); + } + Trace.traceBegin(Trace.TRACE_TAG_WEBVIEW, "WebViewFactory.getProvider()"); try { Trace.traceBegin(Trace.TRACE_TAG_WEBVIEW, "WebViewFactory.loadNativeLibrary()"); |