Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 2328b51f authored by Prerna Kalla's avatar Prerna Kalla Committed by Bruno Martins
Browse files

LockSettingsService : Restrict access to getpassword API 



Restrict Permission of getpassword API to ACCESS_KEYGUARD_SECURE_
STORAGE to ensure saftey for user credentials. No process without
this permission should be able to invoke this API from locksetting
aidl.

CRs-Fixed: 2576302
Change-Id: I7085a00acbdb3e0ea246210207e83c80ab48dc38
Signed-off-by: default avatarPrerna Kalla <prernak@codeaurora.org>
parent 1fb41e59

services/core/java/com/android/server/locksettings/LockSettingsService.java

+1 −1
Original line number Diff line number Diff line
@@ -1289,7 +1289,7 @@ public class LockSettingsService extends ILockSettings.Stub { 
         */

       if (checkCryptKeeperPermissions())

            mContext.enforceCallingOrSelfPermission(

                    android.Manifest.permission.MANAGE_DEVICE_ADMINS,

                    android.Manifest.permission.ACCESS_KEYGUARD_SECURE_STORAGE,

                    "no crypt_keeper or admin permission to get the password");



       return mSavePassword;