summaryrefslogtreecommitdiffstats
path: root/services/print
diff options
context:
space:
mode:
authorSvet Ganov <svetoslavganov@google.com>2014-08-05 09:52:18 -0700
committerSvetoslav Ganov <svetoslavganov@google.com>2014-08-05 17:06:07 +0000
commit194db6ad91c4aee995930ea8f04ea877730234fd (patch)
tree9bfabcd085c361bf3013af14ddc537b21e296f50 /services/print
parent57210c7a1aebb86d091dee0af49b45649ca47f87 (diff)
downloadframeworks_base-194db6ad91c4aee995930ea8f04ea877730234fd.zip
frameworks_base-194db6ad91c4aee995930ea8f04ea877730234fd.tar.gz
frameworks_base-194db6ad91c4aee995930ea8f04ea877730234fd.tar.bz2
Fix cross-user permission checks in print manager service.
The cross-user check was requesting both interact across users and interact across users all permissions which is too restrictive. Each one is sufficient. Further, if the app has one of these premissions but specifies a given user not current or current-self, the code was throwing while the correct actions is to return the requested user id as we alreay vetted the caller's permissions. bug:16398152 Change-Id: I1a4863eb7b05dababb66bac6e143b78dfad42b81
Diffstat (limited to 'services/print')
-rw-r--r--services/print/java/com/android/server/print/PrintManagerService.java5
1 files changed, 2 insertions, 3 deletions
diff --git a/services/print/java/com/android/server/print/PrintManagerService.java b/services/print/java/com/android/server/print/PrintManagerService.java
index 0575a5e..7400dde 100644
--- a/services/print/java/com/android/server/print/PrintManagerService.java
+++ b/services/print/java/com/android/server/print/PrintManagerService.java
@@ -734,7 +734,7 @@ public final class PrintManagerService extends SystemService {
}
if (mContext.checkCallingPermission(Manifest.permission.INTERACT_ACROSS_USERS_FULL)
!= PackageManager.PERMISSION_GRANTED
- || mContext.checkCallingPermission(Manifest.permission.INTERACT_ACROSS_USERS)
+ && mContext.checkCallingPermission(Manifest.permission.INTERACT_ACROSS_USERS)
!= PackageManager.PERMISSION_GRANTED) {
if (userId == UserHandle.USER_CURRENT_OR_SELF) {
return callingUserId;
@@ -746,8 +746,7 @@ public final class PrintManagerService extends SystemService {
if (userId == UserHandle.USER_CURRENT || userId == UserHandle.USER_CURRENT_OR_SELF) {
return mCurrentUserId;
}
- throw new IllegalArgumentException("Calling user can be changed to only "
- + "UserHandle.USER_CURRENT or UserHandle.USER_CURRENT_OR_SELF.");
+ return userId;
}
private String resolveCallingPackageNameEnforcingSecurity(String packageName) {