diff options
| author | Scott Mertz <scott@cyngn.com> | 2016-08-04 15:17:01 -0700 |
|---|---|---|
| committer | Gerrit Code Review <gerrit@cyanogenmod.org> | 2016-08-05 09:53:48 -0700 |
| commit | a92b91d7966350ad37f5c60586e5ccb9abc696be (patch) | |
| tree | c33c24c61cfd3f90ac516ed142c1a0dbfc4513e6 /core | |
| parent | 66af012f8b1e8adb18132a669d2ed2e81d7bdf42 (diff) | |
| download | frameworks_base-a92b91d7966350ad37f5c60586e5ccb9abc696be.zip frameworks_base-a92b91d7966350ad37f5c60586e5ccb9abc696be.tar.gz frameworks_base-a92b91d7966350ad37f5c60586e5ccb9abc696be.tar.bz2 | |
fw: enforce android.permission.PREVENT_SYSTEM_KEYS in system server
Since privateFlags can be accessed and modified via reflection
due to change 5d927c2d8e, the prevent system keys or prevent
power keys flag can be set and deployed without ever calling
setPrivateFlags directly.
Move enforcing to system server to prevent app tampering.
TICKET: CYAN-7921 (open source JIRA)
Found by Maciej Krysztofiak
Change-Id: I53c2804d0283692036f5cc95e6ad57821bc0655a
Diffstat (limited to 'core')
| -rw-r--r-- | core/java/android/view/Window.java | 7 |
1 files changed, 0 insertions, 7 deletions
diff --git a/core/java/android/view/Window.java b/core/java/android/view/Window.java index 65577f0..50a926f 100644 --- a/core/java/android/view/Window.java +++ b/core/java/android/view/Window.java @@ -869,13 +869,6 @@ public abstract class Window { } private void setPrivateFlags(int flags, int mask) { - int preventFlags = WindowManager.LayoutParams.PRIVATE_FLAG_PREVENT_POWER_KEY | - WindowManager.LayoutParams.PRIVATE_FLAG_PREVENT_SYSTEM_KEYS; - - if ((flags & mask & preventFlags) != 0) { - mContext.enforceCallingOrSelfPermission("android.permission.PREVENT_SYSTEM_KEYS", - "No permission to prevent system key"); - } final WindowManager.LayoutParams attrs = getAttributes(); attrs.privateFlags = (attrs.privateFlags & ~mask) | (flags & mask); dispatchWindowAttributesChanged(attrs); |