diff options
| author | Christopher Tate <ctate@google.com> | 2015-08-17 10:23:22 -0700 |
|---|---|---|
| committer | Christopher Tate <ctate@google.com> | 2015-08-17 10:25:27 -0700 |
| commit | ff7add011a3742bc5ba609de2abd9b7bf35c71e1 (patch) | |
| tree | 1f2f58c95507aa46bec1c398b9ff432cc82d4a84 /services | |
| parent | ed7961eb5a1fceabf30a8f790c8dc37ae714db51 (diff) | |
| download | frameworks_base-ff7add011a3742bc5ba609de2abd9b7bf35c71e1.zip frameworks_base-ff7add011a3742bc5ba609de2abd9b7bf35c71e1.tar.gz frameworks_base-ff7add011a3742bc5ba609de2abd9b7bf35c71e1.tar.bz2 | |
Check component permissions like 'exported' before assigned permissions
In particular, don't assume that the absence of an explicit permission
requirement means that the activity is freely launchable unless you have
also checked thing like exported="true" first.
Bug 23223804
Change-Id: Idbfd1f5662b374a7a447b738591b267a1c497e41
Diffstat (limited to 'services')
| -rw-r--r-- | services/core/java/com/android/server/am/ActivityStackSupervisor.java | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/services/core/java/com/android/server/am/ActivityStackSupervisor.java b/services/core/java/com/android/server/am/ActivityStackSupervisor.java index 7c79661..6d91309 100644 --- a/services/core/java/com/android/server/am/ActivityStackSupervisor.java +++ b/services/core/java/com/android/server/am/ActivityStackSupervisor.java @@ -1687,16 +1687,16 @@ public final class ActivityStackSupervisor implements DisplayListener { private int getComponentRestrictionForCallingPackage(ActivityInfo activityInfo, String callingPackage, int callingPid, int callingUid, boolean ignoreTargetSecurity) { - if (activityInfo.permission == null) { - return ACTIVITY_RESTRICTION_NONE; - } - if (!ignoreTargetSecurity && mService.checkComponentPermission(activityInfo.permission, callingPid, callingUid, activityInfo.applicationInfo.uid, activityInfo.exported) == PackageManager.PERMISSION_DENIED) { return ACTIVITY_RESTRICTION_PERMISSION; } + if (activityInfo.permission == null) { + return ACTIVITY_RESTRICTION_NONE; + } + final int opCode = AppOpsManager.permissionToOpCode(activityInfo.permission); if (opCode == AppOpsManager.OP_NONE) { return ACTIVITY_RESTRICTION_NONE; |