From 81c1d8d3a5aef6a423f0bb02de1b362b2f2d12df Mon Sep 17 00:00:00 2001 From: Christopher Tate Date: Mon, 6 May 2013 13:07:05 -0700 Subject: Ensure install-during-restore is like install-then-restore When we've installed an apk from the archive, recheck whether to apply the system-uid policy restrictions around file system restores. Bug 8833099 (cherry picked from commit 2baf6dcfcf7fc1705db25e64dc0cb11fa3509d39) Change-Id: I972fe1543f2234aa76baf562d6f806175ac0248e --- services/java/com/android/server/BackupManagerService.java | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'services') diff --git a/services/java/com/android/server/BackupManagerService.java b/services/java/com/android/server/BackupManagerService.java index 1f3f172..5fff8fd 100644 --- a/services/java/com/android/server/BackupManagerService.java +++ b/services/java/com/android/server/BackupManagerService.java @@ -3583,7 +3583,16 @@ class BackupManagerService extends IBackupManager.Stub { } else { // So far so good -- do the signatures match the manifest? Signature[] sigs = mManifestSignatures.get(info.packageName); - if (!signaturesMatch(sigs, pkg)) { + if (signaturesMatch(sigs, pkg)) { + // If this is a system-uid app without a declared backup agent, + // don't restore any of the file data. + if ((pkg.applicationInfo.uid < Process.FIRST_APPLICATION_UID) + && (pkg.applicationInfo.backupAgentName == null)) { + Slog.w(TAG, "Installed app " + info.packageName + + " has restricted uid and no agent"); + okay = false; + } + } else { Slog.w(TAG, "Installed app " + info.packageName + " signatures do not match restore manifest"); okay = false; -- cgit v1.1