diff options
author | Svet Ganov <svetoslavganov@google.com> | 2014-08-05 09:52:18 -0700 |
---|---|---|
committer | Svetoslav Ganov <svetoslavganov@google.com> | 2014-08-05 17:06:07 +0000 |
commit | 194db6ad91c4aee995930ea8f04ea877730234fd (patch) | |
tree | 9bfabcd085c361bf3013af14ddc537b21e296f50 /services/print | |
parent | 57210c7a1aebb86d091dee0af49b45649ca47f87 (diff) | |
download | frameworks_base-194db6ad91c4aee995930ea8f04ea877730234fd.zip frameworks_base-194db6ad91c4aee995930ea8f04ea877730234fd.tar.gz frameworks_base-194db6ad91c4aee995930ea8f04ea877730234fd.tar.bz2 |
Fix cross-user permission checks in print manager service.
The cross-user check was requesting both interact across users and
interact across users all permissions which is too restrictive. Each
one is sufficient. Further, if the app has one of these premissions
but specifies a given user not current or current-self, the code
was throwing while the correct actions is to return the requested
user id as we alreay vetted the caller's permissions.
bug:16398152
Change-Id: I1a4863eb7b05dababb66bac6e143b78dfad42b81
Diffstat (limited to 'services/print')
-rw-r--r-- | services/print/java/com/android/server/print/PrintManagerService.java | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/services/print/java/com/android/server/print/PrintManagerService.java b/services/print/java/com/android/server/print/PrintManagerService.java index 0575a5e..7400dde 100644 --- a/services/print/java/com/android/server/print/PrintManagerService.java +++ b/services/print/java/com/android/server/print/PrintManagerService.java @@ -734,7 +734,7 @@ public final class PrintManagerService extends SystemService { } if (mContext.checkCallingPermission(Manifest.permission.INTERACT_ACROSS_USERS_FULL) != PackageManager.PERMISSION_GRANTED - || mContext.checkCallingPermission(Manifest.permission.INTERACT_ACROSS_USERS) + && mContext.checkCallingPermission(Manifest.permission.INTERACT_ACROSS_USERS) != PackageManager.PERMISSION_GRANTED) { if (userId == UserHandle.USER_CURRENT_OR_SELF) { return callingUserId; @@ -746,8 +746,7 @@ public final class PrintManagerService extends SystemService { if (userId == UserHandle.USER_CURRENT || userId == UserHandle.USER_CURRENT_OR_SELF) { return mCurrentUserId; } - throw new IllegalArgumentException("Calling user can be changed to only " - + "UserHandle.USER_CURRENT or UserHandle.USER_CURRENT_OR_SELF."); + return userId; } private String resolveCallingPackageNameEnforcingSecurity(String packageName) { |