Loading packages/Shell/AndroidManifest.xml +1 −0 Original line number Diff line number Diff line Loading @@ -111,6 +111,7 @@ <uses-permission android:name="android.permission.VIBRATE" /> <uses-permission android:name="android.permission.MANAGE_ACTIVITY_STACKS" /> <uses-permission android:name="android.permission.CONNECTIVITY_INTERNAL" /> <uses-permission android:name="android.permission.CHANGE_COMPONENT_ENABLED_STATE" /> <!-- Permission needed to rename bugreport notifications (so they're not shown as Shell) --> <uses-permission android:name="android.permission.SUBSTITUTE_NOTIFICATION_APP_NAME" /> Loading services/core/java/com/android/server/pm/PackageManagerService.java +27 −0 Original line number Diff line number Diff line Loading @@ -17500,6 +17500,14 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName()); throw new IllegalArgumentException( "Unknown component: " + packageName + "/" + className); } // Don't allow other apps to disable an active profile owner if (!UserHandle.isSameApp(uid, pkgSetting.appId)) { final DevicePolicyManagerInternal dpmi = LocalServices .getService(DevicePolicyManagerInternal.class); if (dpmi != null && dpmi.hasDeviceOwnerOrProfileOwner(packageName, userId)) { throw new SecurityException("Cannot disable a device owner or a profile owner"); } } // Allow root and verify that userId is not being specified by a different user if (!allowedByPermission && !UserHandle.isSameApp(uid, pkgSetting.appId)) { throw new SecurityException( Loading @@ -17507,6 +17515,25 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName()); + Binder.getCallingPid() + ", uid=" + uid + ", package uid=" + pkgSetting.appId); } if (uid == Process.SHELL_UID) { // Shell can only change whole packages between ENABLED and DISABLED_USER states int oldState = pkgSetting.getEnabled(userId); if (className == null && (oldState == COMPONENT_ENABLED_STATE_DISABLED_USER || oldState == COMPONENT_ENABLED_STATE_DEFAULT || oldState == COMPONENT_ENABLED_STATE_ENABLED) && (newState == COMPONENT_ENABLED_STATE_DISABLED_USER || newState == COMPONENT_ENABLED_STATE_DEFAULT || newState == COMPONENT_ENABLED_STATE_ENABLED)) { // ok } else { throw new SecurityException( "Shell cannot change component state for " + packageName + "/" + className + " to " + newState); } } if (className == null) { // We're dealing with an application/package level state change if (pkgSetting.getEnabled(userId) == newState) { Loading
packages/Shell/AndroidManifest.xml +1 −0 Original line number Diff line number Diff line Loading @@ -111,6 +111,7 @@ <uses-permission android:name="android.permission.VIBRATE" /> <uses-permission android:name="android.permission.MANAGE_ACTIVITY_STACKS" /> <uses-permission android:name="android.permission.CONNECTIVITY_INTERNAL" /> <uses-permission android:name="android.permission.CHANGE_COMPONENT_ENABLED_STATE" /> <!-- Permission needed to rename bugreport notifications (so they're not shown as Shell) --> <uses-permission android:name="android.permission.SUBSTITUTE_NOTIFICATION_APP_NAME" /> Loading
services/core/java/com/android/server/pm/PackageManagerService.java +27 −0 Original line number Diff line number Diff line Loading @@ -17500,6 +17500,14 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName()); throw new IllegalArgumentException( "Unknown component: " + packageName + "/" + className); } // Don't allow other apps to disable an active profile owner if (!UserHandle.isSameApp(uid, pkgSetting.appId)) { final DevicePolicyManagerInternal dpmi = LocalServices .getService(DevicePolicyManagerInternal.class); if (dpmi != null && dpmi.hasDeviceOwnerOrProfileOwner(packageName, userId)) { throw new SecurityException("Cannot disable a device owner or a profile owner"); } } // Allow root and verify that userId is not being specified by a different user if (!allowedByPermission && !UserHandle.isSameApp(uid, pkgSetting.appId)) { throw new SecurityException( Loading @@ -17507,6 +17515,25 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName()); + Binder.getCallingPid() + ", uid=" + uid + ", package uid=" + pkgSetting.appId); } if (uid == Process.SHELL_UID) { // Shell can only change whole packages between ENABLED and DISABLED_USER states int oldState = pkgSetting.getEnabled(userId); if (className == null && (oldState == COMPONENT_ENABLED_STATE_DISABLED_USER || oldState == COMPONENT_ENABLED_STATE_DEFAULT || oldState == COMPONENT_ENABLED_STATE_ENABLED) && (newState == COMPONENT_ENABLED_STATE_DISABLED_USER || newState == COMPONENT_ENABLED_STATE_DEFAULT || newState == COMPONENT_ENABLED_STATE_ENABLED)) { // ok } else { throw new SecurityException( "Shell cannot change component state for " + packageName + "/" + className + " to " + newState); } } if (className == null) { // We're dealing with an application/package level state change if (pkgSetting.getEnabled(userId) == newState) {
