Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 235ba69d authored by dianlujitao's avatar dianlujitao Committed by Luca Stefani
Browse files

ADBRootService: Remove redundant permission check 

 * First of all, the check is performed in a helper class, one can
   easily bypass it by directly issuing the binder API.
 * On the other hand, enforceCallingOrSelfPermission allows root and
   system UID to do everything, i.e., any process running in system UID
   is allowed to pass the check, including Settings app, thus it's
   simply a no-op.

Change-Id: I82f58d6165c2ef35c61047d5899de3e8ca6f7f39
parent 6fb1a7cd

core/java/android/adb/ADBRootService.java

+0 −13
Original line number Diff line number Diff line
@@ -17,7 +17,6 @@ 
package android.adb;



import android.adbroot.IADBRootService;

import android.content.Context;

import android.os.IBinder;

import android.os.RemoteException;

import android.os.ServiceManager;
@@ -32,7 +31,6 @@ public class ADBRootService { 
    private static final String ADB_ROOT_SERVICE = "adbroot_service";



    private IADBRootService mService;

    private Context mContext;



    private final IBinder.DeathRecipient mDeathRecipient = new IBinder.DeathRecipient() {

        @Override
@@ -44,13 +42,6 @@ public class ADBRootService { 
        }

    };



    /**

     * Creates a new instance.

     */

    public ADBRootService(Context context) {

        mContext = context;

    }



    private synchronized IADBRootService getService()

            throws RemoteException {

        if (mService != null) {
@@ -72,8 +63,6 @@ public class ADBRootService { 
     * @hide

     */

    public void setEnabled(boolean enable) {

        mContext.enforceCallingOrSelfPermission(

                android.Manifest.permission.ADBROOT, "adbroot");

        try {

            final IADBRootService svc = getService();

            if (svc != null) {
@@ -88,8 +77,6 @@ public class ADBRootService { 
     * @hide

     */

    public boolean getEnabled() {

        mContext.enforceCallingOrSelfPermission(

                android.Manifest.permission.ADBROOT, "adbroot");

        try {

            final IADBRootService svc = getService();

            if (svc != null) {

core/res/AndroidManifest.xml

+0 −6
Original line number Diff line number Diff line
@@ -4609,12 +4609,6 @@ 
    <permission android:name="android.permission.PREVENT_POWER_KEY"

                android:protectionLevel="signature|privileged" />



    <!-- Allows an application to manage ADB Root

         @hide <p>Not for use by third-party applications.

    -->

    <permission android:name="android.permission.ADBROOT"

                android:protectionLevel="signature|privileged" />



    <application android:process="system"

                 android:persistent="true"

                 android:hasCode="false"

data/etc/com.android.settings.xml

+0 −1
Original line number Diff line number Diff line
@@ -50,6 +50,5 @@ 
        <permission name="android.permission.WRITE_MEDIA_STORAGE"/>

        <permission name="android.permission.WRITE_SECURE_SETTINGS"/>

        <permission name="android.permission.CONTROL_DISPLAY_COLOR_TRANSFORMS" />

        <permission name="android.permission.ADBROOT" />

    </privapp-permissions>

</permissions>