Add permission checks for Verification API calls

Ensure that only applications with android.Manifest.permission.PACKAGE_VERIFICATION_AGENT can call application verification APIs, like PackageManager.verifyPendingInstall and PackageManager.extendVerificationTimeout Bug: 7049083 Change-Id: I5fc28b37e864d67cd319a1ed9d03a90dd15ad052
author: rich cannings <richc@google.com> 2012-08-27 14:44:16 -0700
committer: rich cannings <richc@google.com> 2012-08-28 14:00:46 -0700
commit: 7e67151b912622f8a279ab1523a9bcf26ebaff3d (patch)
tree: 04e046f659971b2c62115755be7265b8fe0b5521 /core
parent: ac137b3211818f9e72f9ffbaf541ad8a1ef27eb1 (diff)
download: frameworks_base-7e67151b912622f8a279ab1523a9bcf26ebaff3d.zip
frameworks_base-7e67151b912622f8a279ab1523a9bcf26ebaff3d.tar.gz
frameworks_base-7e67151b912622f8a279ab1523a9bcf26ebaff3d.tar.bz2
2 files changed, 6 insertions, 2 deletions
diff --git a/core/java/android/content/pm/PackageManager.java b/core/java/android/content/pm/PackageManager.java
index 0d99d3f..0aa094f 100644
--- a/core/java/android/content/pm/PackageManager.java
+++ b/core/java/android/content/pm/PackageManager.java
@@ -2319,6 +2319,9 @@ public abstract class PackageManager {
      *            {@link PackageManager#EXTRA_VERIFICATION_ID} Intent extra
      * @param verificationCode either {@link PackageManager#VERIFICATION_ALLOW}
      *            or {@link PackageManager#VERIFICATION_REJECT}.
+     * @throws SecurityException if the caller does not have the
+     *            {@link android.Manifest.permission#PACKAGE_VERIFICATION_AGENT}
+     *            permission.
      */
     public abstract void verifyPendingInstall(int id, int verificationCode);
 
@@ -2342,9 +2345,11 @@ public abstract class PackageManager {
      * @param millisecondsToDelay the amount of time requested for the timeout.
      *            Must be positive and less than
      *            {@link PackageManager#MAXIMUM_VERIFICATION_TIMEOUT}.
-     *
      * @throws IllegalArgumentException if {@code millisecondsToDelay} is out
      *            of bounds or {@code verificationCodeAtTimeout} is unknown.
+     * @throws SecurityException if the caller does not have the
+     *            {@link android.Manifest.permission#PACKAGE_VERIFICATION_AGENT}
+     *            permission.
      */
     public abstract void extendVerificationTimeout(int id,
             int verificationCodeAtTimeout, long millisecondsToDelay);
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 1c9b440..5829787 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -1662,7 +1662,6 @@
 
     <!-- Package verifier needs to have this permission before the PackageManager will
          trust it to verify packages.
-         @hide
     -->
     <permission android:name="android.permission.PACKAGE_VERIFICATION_AGENT"
         android:label="@string/permlab_packageVerificationAgent"
author	rich cannings <richc@google.com>	2012-08-27 14:44:16 -0700
committer	rich cannings <richc@google.com>	2012-08-28 14:00:46 -0700
commit	7e67151b912622f8a279ab1523a9bcf26ebaff3d (patch)
tree	04e046f659971b2c62115755be7265b8fe0b5521 /core
parent	ac137b3211818f9e72f9ffbaf541ad8a1ef27eb1 (diff)
download	frameworks_base-7e67151b912622f8a279ab1523a9bcf26ebaff3d.zip frameworks_base-7e67151b912622f8a279ab1523a9bcf26ebaff3d.tar.gz frameworks_base-7e67151b912622f8a279ab1523a9bcf26ebaff3d.tar.bz2