From a9ee6729538941a2b866d83ecbd891645f0ccc16 Mon Sep 17 00:00:00 2001 From: Robin Lee Date: Tue, 20 May 2014 16:26:49 +0100 Subject: DPM: Disallow some DeviceAdmin policies for ProfileOwners A profile owner should only have control over the profile. All of the following device admin APIs that affect the device beyond the profile that they are called from are now disallowed: - Camera enable/disable - Keyguard - Wipe external storage @bug 14434826 Change-Id: I69acfdf6f654f48b5db91aeb3ea86662d7857075
---
 .../com/android/server/devicepolicy/DevicePolicyManagerService.java | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'services/devicepolicy/java')
diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
index e2cd4e2..35fdef9 100644
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -2411,6 +2411,9 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
 return;
 }
 enforceCrossUserPermission(userHandle);
+ if ((flags & DevicePolicyManager.WIPE_EXTERNAL_STORAGE) != 0) {
+ enforceNotManagedProfile(userHandle, "wipe external storage");
+ }
 synchronized (this) {
 // This API can only be called by an active device admin,
 // so try to retrieve it to check that the caller is one.
@@ -2863,6 +2866,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
 return;
 }
 enforceCrossUserPermission(userHandle);
+ enforceNotManagedProfile(userHandle, "enable/disable cameras");
 synchronized (this) {
 if (who == null) {
 throw new NullPointerException("ComponentName is null");
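Review bot: The `WIPE_EXTERNAL_STORAGE` guard added before `synchronized (this)` in the hunk at -2411,6 carries no comment explaining why only this flag is refused for a managed profile while the call is otherwise let through. I would put `// External storage is not confined to the profile, so a managed profile must not wipe it.` above the `if`, which is the rationale the commit message gives. The check also runs before the active-admin lookup inside the lock, so a caller that is not an admin at all would hit the managed-profile failure first; that ordering looks harmless but should be a deliberate choice. The enclosing method starts and ends outside the hunk.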
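Review bot: The guard added before `synchronized (this)` in the hunk at -2863,6 rejects both directions of the setter (its message reads "enable/disable cameras"), so a profile admin that stored a camera restriction before this change could no longer clear it. Whether such stored state can exist is not visible here, but if it can, the restriction stays in force with no in-profile way to lift it; consider clearing or ignoring profile-scoped values of these policies when they are loaded. The same applies to the keyguard setter in the hunk at -2912,6. Both methods begin and end outside their hunks.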
@@ -2912,6 +2916,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
 return;
 }
 enforceCrossUserPermission(userHandle);
+ enforceNotManagedProfile(userHandle, "disable keyguard features");
 synchronized (this) {
 if (who == null) {
 throw new NullPointerException("ComponentName is null");
@@ -2935,6 +2940,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
 return 0;
 }
 enforceCrossUserPermission(userHandle);
+ enforceNotManagedProfile(userHandle, "list disabled keyguard features");
 synchronized (this) {
 if (who != null) {
 ActiveAdmin admin = getActiveAdminUncheckedLocked(who, userHandle);
-- cgit v1.1
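Review bot: The hunk at -2935,6 puts `enforceNotManagedProfile(userHandle, "list disabled keyguard features")` on a read path, so a query for a managed-profile user would now fail instead of returning a value. `enforceNotManagedProfile` is not shown, but if it throws as its name suggests, every caller that asks for keyguard features per user has to handle that for profile user ids. Returning the no-restrictions value the method already uses just above, `return 0;`, for a managed profile would keep the getter total while the setter stays blocked. If throwing is intended, the method's Javadoc should say so. The method body continues outside the hunk.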