diff options
| author | Jeff Sharkey <jsharkey@android.com> | 2012-05-11 14:04:41 -0700 |
|---|---|---|
| committer | Jeff Sharkey <jsharkey@android.com> | 2012-05-11 15:31:39 -0700 |
| commit | f53857716a0db805c51c0cae93550d90e32e4749 (patch) | |
| tree | f08bea9fbd41f3299a42c68740d286d614e37f65 /services/java/com/android/server | |
| parent | 0891a89790777e2f88f413351fafe49dda36714f (diff) | |
| download | frameworks_base-f53857716a0db805c51c0cae93550d90e32e4749.zip frameworks_base-f53857716a0db805c51c0cae93550d90e32e4749.tar.gz frameworks_base-f53857716a0db805c51c0cae93550d90e32e4749.tar.bz2 | |
Enforce READ_EXTERNAL through Settings.Secure.
Always defers to user-defined setting, when present.
Bug: 6389556
Change-Id: I079d2a41b772facfdac74eefc4c8072fc9284f97
Diffstat (limited to 'services/java/com/android/server')
| -rw-r--r-- | services/java/com/android/server/pm/PackageManagerService.java | 13 | ||||
| -rw-r--r-- | services/java/com/android/server/pm/Settings.java | 5 |
2 files changed, 12 insertions, 6 deletions
diff --git a/services/java/com/android/server/pm/PackageManagerService.java b/services/java/com/android/server/pm/PackageManagerService.java index d41cd5a..d7c5eea 100644 --- a/services/java/com/android/server/pm/PackageManagerService.java +++ b/services/java/com/android/server/pm/PackageManagerService.java @@ -98,6 +98,7 @@ import android.os.ServiceManager; import android.os.SystemClock; import android.os.SystemProperties; import android.os.UserId; +import android.provider.Settings.Secure; import android.security.SystemKeyStore; import android.util.DisplayMetrics; import android.util.EventLog; @@ -9259,7 +9260,8 @@ public class PackageManagerService extends IPackageManager.Stub { mContext.enforceCallingOrSelfPermission(GRANT_REVOKE_PERMISSIONS, null); if (READ_EXTERNAL_STORAGE.equals(permission)) { synchronized (mPackages) { - if (mSettings.mReadExternalStorageEnforced != enforced) { + if (mSettings.mReadExternalStorageEnforced == null + || mSettings.mReadExternalStorageEnforced != enforced) { mSettings.mReadExternalStorageEnforced = enforced; mSettings.writeLPr(); @@ -9284,7 +9286,6 @@ public class PackageManagerService extends IPackageManager.Stub { @Override public boolean isPermissionEnforced(String permission) { - mContext.enforceCallingOrSelfPermission(GRANT_REVOKE_PERMISSIONS, null); synchronized (mPackages) { return isPermissionEnforcedLocked(permission); } @@ -9292,7 +9293,13 @@ public class PackageManagerService extends IPackageManager.Stub { private boolean isPermissionEnforcedLocked(String permission) { if (READ_EXTERNAL_STORAGE.equals(permission)) { - return mSettings.mReadExternalStorageEnforced; + if (mSettings.mReadExternalStorageEnforced != null) { + return mSettings.mReadExternalStorageEnforced; + } else { + // if user hasn't defined, fall back to secure default + return Secure.getInt(mContext.getContentResolver(), + Secure.READ_EXTERNAL_STORAGE_ENFORCED_DEFAULT, 0) != 0; + } } else { return true; } diff --git a/services/java/com/android/server/pm/Settings.java b/services/java/com/android/server/pm/Settings.java index d0eda2d..ffb69fa 100644 --- a/services/java/com/android/server/pm/Settings.java +++ b/services/java/com/android/server/pm/Settings.java @@ -111,7 +111,7 @@ final class Settings { int mInternalSdkPlatform; int mExternalSdkPlatform; - boolean mReadExternalStorageEnforced = PackageManager.DEFAULT_ENFORCE_READ_EXTERNAL_STORAGE; + Boolean mReadExternalStorageEnforced; /** Device identity for the purpose of package verification. */ private VerifierDeviceIdentity mVerifierDeviceIdentity; @@ -1147,8 +1147,7 @@ final class Settings { serializer.endTag(null, "verifier"); } - if (mReadExternalStorageEnforced - != PackageManager.DEFAULT_ENFORCE_READ_EXTERNAL_STORAGE) { + if (mReadExternalStorageEnforced != null) { serializer.startTag(null, TAG_READ_EXTERNAL_STORAGE); serializer.attribute( null, ATTR_ENFORCEMENT, mReadExternalStorageEnforced ? "1" : "0"); |