summaryrefslogtreecommitdiffstats
path: root/services
diff options
context:
space:
mode:
authorChristopher Tate <ctate@google.com>2011-09-29 15:13:11 -0700
committerChristopher Tate <ctate@google.com>2011-09-29 15:13:11 -0700
commitb8491bb75fec622862166e1b0ba3dc60d38bfff5 (patch)
treee65cf4086b6058023dec1be39cd06d2eb3c79f87 /services
parenta44ad813aa57ea3705561968d16e6d30c3fea935 (diff)
downloadframeworks_base-b8491bb75fec622862166e1b0ba3dc60d38bfff5.zip
frameworks_base-b8491bb75fec622862166e1b0ba3dc60d38bfff5.tar.gz
frameworks_base-b8491bb75fec622862166e1b0ba3dc60d38bfff5.tar.bz2
Enforce DUMP permission on BackupManagerService's dump() method
The text of the dumped output can potentially include an email address; we don't want random code to be able to read it. Bug 5389201 Change-Id: If84886357a36b7015878e4d72017abba83b4c511
Diffstat (limited to 'services')
-rw-r--r--services/java/com/android/server/BackupManagerService.java10
1 files changed, 10 insertions, 0 deletions
diff --git a/services/java/com/android/server/BackupManagerService.java b/services/java/com/android/server/BackupManagerService.java
index e30ce72..fe49cd2 100644
--- a/services/java/com/android/server/BackupManagerService.java
+++ b/services/java/com/android/server/BackupManagerService.java
@@ -5596,6 +5596,16 @@ class BackupManagerService extends IBackupManager.Stub {
}
private void dumpInternal(PrintWriter pw) {
+ if (mContext.checkCallingOrSelfPermission(android.Manifest.permission.DUMP)
+ != PackageManager.PERMISSION_GRANTED) {
+ pw.println("Permission Denial: can't dump Backup Manager service from from pid="
+ + Binder.getCallingPid()
+ + ", uid=" + Binder.getCallingUid()
+ + " without permission "
+ + android.Manifest.permission.DUMP);
+ return;
+ }
+
synchronized (mQueueLock) {
pw.println("Backup Manager is " + (mEnabled ? "enabled" : "disabled")
+ " / " + (!mProvisioned ? "not " : "") + "provisioned / "
generated by cgit v1.1 at 2025-02-04 15:49:53 +0000