From bc19c181c8c058c824e4fee907a05129e142c388 Mon Sep 17 00:00:00 2001
From: Jeff Davidson <jpd@google.com>
Date: Tue, 11 Nov 2014 13:20:01 -0800
Subject: Enforce VPN control "permission" with an actual permission.

The current implementation uses a whitelist of package names. Use a
system|signature permission instead of rolling our own security and
add that permission to the existing set of whitelisted packages
(SystemUI and VpnDialogs).

In addition to being less of a security risk (using well-known methods
like Context.enforceCallingPermission rather than manually querying
PackageManager and checking UIDs for package names), this enables
other system-privileged apps to control VPN as needed per the below
bug.

Bug: 18327583
Change-Id: I38617965c40d62cf1ac28e3cb382c0877fb1275d
---
 packages/VpnDialogs/AndroidManifest.xml | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'packages/VpnDialogs')

diff --git a/packages/VpnDialogs/AndroidManifest.xml b/packages/VpnDialogs/AndroidManifest.xml
index 03d920a..375c5d8 100644
--- a/packages/VpnDialogs/AndroidManifest.xml
+++ b/packages/VpnDialogs/AndroidManifest.xml
@@ -19,6 +19,8 @@
 <manifest xmlns:android="http://schemas.android.com/apk/res/android"
         package="com.android.vpndialogs">
 
+    <uses-permission android:name="android.permission.CONTROL_VPN" />
+
     <application android:label="VpnDialogs"
             android:allowBackup="false" >
         <activity android:name=".ConfirmDialog"
-- 
cgit v1.1