diff options
author | Roman Birg <roman@cyngn.com> | 2016-07-19 12:37:33 -0700 |
---|---|---|
committer | Gerrit Code Review <gerrit@cyanogenmod.org> | 2016-07-21 14:51:54 -0700 |
commit | d8d4e7c567872fa4596c2f63c85092a90b36a6b3 (patch) | |
tree | b3a78edc26abf41f5e559a3d4f8cbf5e4117776c /services/core/java/com/android/server/am | |
parent | 1c93b57a38aabff28a46eacd56d46bae4c803352 (diff) | |
download | frameworks_base-d8d4e7c567872fa4596c2f63c85092a90b36a6b3.zip frameworks_base-d8d4e7c567872fa4596c2f63c85092a90b36a6b3.tar.gz frameworks_base-d8d4e7c567872fa4596c2f63c85092a90b36a6b3.tar.bz2 |
PackageManager: make protected-broadcasts permission aware
This extends the <protected-broadcast> mechanism to allow protecting
actions based on a permission for system apps.
For instance:
<protected-broadcast android:name="ACTION_A"
android:permission="PERMISSION_X" />
will restrict intents with action "ACTION_A" to be only sent with
apps holding the "PERMISSION_X" permission. Note that system UIDs will
bypass the permission check and always be allowed, just like the normal
protected-broadcast mechanism.
You must still be a system application to delcare a protected broadcast.
Change-Id: Id25cffd233d400800dcb5249c5f487134e1b4152
Signed-off-by: Roman Birg <roman@cyngn.com>
Diffstat (limited to 'services/core/java/com/android/server/am')
-rwxr-xr-x | services/core/java/com/android/server/am/ActivityManagerService.java | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java index 6d9ed28..17d8d47 100755 --- a/services/core/java/com/android/server/am/ActivityManagerService.java +++ b/services/core/java/com/android/server/am/ActivityManagerService.java @@ -16962,7 +16962,8 @@ public final class ActivityManagerService extends ActivityManagerNative } else if (callerApp == null || !callerApp.persistent) { try { if (AppGlobals.getPackageManager().isProtectedBroadcast( - intent.getAction())) { + intent.getAction()) && !AppGlobals.getPackageManager() + .isProtectedBroadcastAllowed(intent.getAction(), callingUid)) { String msg = "Permission Denial: not allowed to send broadcast " + intent.getAction() + " from pid=" + callingPid + ", uid=" + callingUid; |