diff options
4 files changed, 16 insertions, 11 deletions
diff --git a/core/java/android/content/pm/PackageManager.java b/core/java/android/content/pm/PackageManager.java index a48924e..2baad62 100644 --- a/core/java/android/content/pm/PackageManager.java +++ b/core/java/android/content/pm/PackageManager.java @@ -23,7 +23,6 @@ import android.content.Context; import android.content.Intent; import android.content.IntentFilter; import android.content.IntentSender; -import android.content.pm.ManifestDigest; import android.content.res.Resources; import android.content.res.XmlResourceParser; import android.graphics.drawable.Drawable; @@ -1090,10 +1089,6 @@ public abstract class PackageManager { public static final String EXTRA_VERIFICATION_INSTALL_FLAGS = "android.content.pm.extra.VERIFICATION_INSTALL_FLAGS"; - /** {@hide} */ - // TODO: enable this for userdebug and eng builds; see 6389556 - public static final boolean DEFAULT_ENFORCE_READ_EXTERNAL_STORAGE = false; - /** * Retrieve overall information about an application package that is * installed on the system. diff --git a/core/java/android/provider/Settings.java b/core/java/android/provider/Settings.java index 497e66e8..ea3cab4 100644 --- a/core/java/android/provider/Settings.java +++ b/core/java/android/provider/Settings.java @@ -4253,6 +4253,10 @@ public final class Settings { /** Timeout for package verification. {@hide} */ public static final String PACKAGE_VERIFIER_TIMEOUT = "verifier_timeout"; + /** {@hide} */ + public static final String + READ_EXTERNAL_STORAGE_ENFORCED_DEFAULT = "read_external_storage_enforced_default"; + /** * Duration in milliseconds before pre-authorized URIs for the contacts * provider should expire. diff --git a/services/java/com/android/server/pm/PackageManagerService.java b/services/java/com/android/server/pm/PackageManagerService.java index d41cd5a..d7c5eea 100644 --- a/services/java/com/android/server/pm/PackageManagerService.java +++ b/services/java/com/android/server/pm/PackageManagerService.java @@ -98,6 +98,7 @@ import android.os.ServiceManager; import android.os.SystemClock; import android.os.SystemProperties; import android.os.UserId; +import android.provider.Settings.Secure; import android.security.SystemKeyStore; import android.util.DisplayMetrics; import android.util.EventLog; @@ -9259,7 +9260,8 @@ public class PackageManagerService extends IPackageManager.Stub { mContext.enforceCallingOrSelfPermission(GRANT_REVOKE_PERMISSIONS, null); if (READ_EXTERNAL_STORAGE.equals(permission)) { synchronized (mPackages) { - if (mSettings.mReadExternalStorageEnforced != enforced) { + if (mSettings.mReadExternalStorageEnforced == null + || mSettings.mReadExternalStorageEnforced != enforced) { mSettings.mReadExternalStorageEnforced = enforced; mSettings.writeLPr(); @@ -9284,7 +9286,6 @@ public class PackageManagerService extends IPackageManager.Stub { @Override public boolean isPermissionEnforced(String permission) { - mContext.enforceCallingOrSelfPermission(GRANT_REVOKE_PERMISSIONS, null); synchronized (mPackages) { return isPermissionEnforcedLocked(permission); } @@ -9292,7 +9293,13 @@ public class PackageManagerService extends IPackageManager.Stub { private boolean isPermissionEnforcedLocked(String permission) { if (READ_EXTERNAL_STORAGE.equals(permission)) { - return mSettings.mReadExternalStorageEnforced; + if (mSettings.mReadExternalStorageEnforced != null) { + return mSettings.mReadExternalStorageEnforced; + } else { + // if user hasn't defined, fall back to secure default + return Secure.getInt(mContext.getContentResolver(), + Secure.READ_EXTERNAL_STORAGE_ENFORCED_DEFAULT, 0) != 0; + } } else { return true; } diff --git a/services/java/com/android/server/pm/Settings.java b/services/java/com/android/server/pm/Settings.java index d0eda2d..ffb69fa 100644 --- a/services/java/com/android/server/pm/Settings.java +++ b/services/java/com/android/server/pm/Settings.java @@ -111,7 +111,7 @@ final class Settings { int mInternalSdkPlatform; int mExternalSdkPlatform; - boolean mReadExternalStorageEnforced = PackageManager.DEFAULT_ENFORCE_READ_EXTERNAL_STORAGE; + Boolean mReadExternalStorageEnforced; /** Device identity for the purpose of package verification. */ private VerifierDeviceIdentity mVerifierDeviceIdentity; @@ -1147,8 +1147,7 @@ final class Settings { serializer.endTag(null, "verifier"); } - if (mReadExternalStorageEnforced - != PackageManager.DEFAULT_ENFORCE_READ_EXTERNAL_STORAGE) { + if (mReadExternalStorageEnforced != null) { serializer.startTag(null, TAG_READ_EXTERNAL_STORAGE); serializer.attribute( null, ATTR_ENFORCEMENT, mReadExternalStorageEnforced ? "1" : "0"); |