RESTRICT AUTOMERGE Prevent root from getting unverified attributions from non system apps
Similar to shell, system server, and other packages, the root UID bypasses attribution tag registration requirements. This can be exploited by a malicious proxy app. Also fixes a bug which caused an unverified proxy app's attribution tag to be erroneously called "valid" if "finishProxyOp" was called for a non-system proxy app, and one of the special proxied apps Bug: 416491779 Test: atest AppOpsMemoryUsageTest Flag: EXEMPT see bug (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:ab99cde450cf900767a641ddcf71f4a42e771334) (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:47347f85086c7cc3d29998f213caad0c91ad025c) Merged-In: I9b44465554e10b803bc9b4ab76130aaf9933f605 Change-Id: I9b44465554e10b803bc9b4ab76130aaf9933f605
Loading
Please register or sign in to comment