From ca7312891adcdfc300f2b5c07222120de52030ea Mon Sep 17 00:00:00 2001 From: Jeff Sharkey Date: Wed, 16 Nov 2016 17:22:48 -0700 Subject: DO NOT MERGE: Check provider access for content changes. For an app to either send or receive content change notifications, require that they have some level of access to the underlying provider. Without these checks, a malicious app could sniff sensitive user data from the notifications of otherwise private providers. Test: builds, boots, PoC app now fails Bug: 32555637 Change-Id: If2dcd45cb0a9f1fb3b93e39fc7b8ae9c34c2fdef (cherry picked from commit c813f5dae231bd8f01864227c5dba10d43a89249) (cherry picked from commit db57376d6ccbd4d3e39fc35aa8cfb561bbca4bac) mh0rst: Backport from android-7.1.1_r21 --- core/java/android/app/ActivityManagerInternal.java | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'core/java/android/app') diff --git a/core/java/android/app/ActivityManagerInternal.java b/core/java/android/app/ActivityManagerInternal.java index 40eb799..8e7c607 100644 --- a/core/java/android/app/ActivityManagerInternal.java +++ b/core/java/android/app/ActivityManagerInternal.java @@ -25,6 +25,12 @@ import android.content.ComponentName; * @hide Only for use within the system server. */ public abstract class ActivityManagerInternal { + + /** + * Verify that calling app has access to the given provider. + */ + public abstract String checkContentProviderAccess(String authority, int userId); + // Called by the power manager. public abstract void onWakefulnessChanged(int wakefulness); -- cgit v1.1