hasRestrictedModeAccess: Clear calling identity when checking network capabilities
* This code ends up being called from Datura, the firewall app, which would fail with: java.lang.SecurityException: Package android does not belong to 10139 at android.net.NetworkPolicyManager.removeUidPolicy(NetworkPolicyManager.java:352) at org.calyxos.datura.settings.SettingsManager.setAppRestriction(SettingsManager.java:108) Caused by: android.os.RemoteException: Remote stack trace: at android.app.AppOpsManager.checkPackage(AppOpsManager.java:8552) at com.android.server.ConnectivityService.getNetworkCapabilities(ConnectivityService.java:2042) at android.net.ConnectivityManager.getNetworkCapabilities(ConnectivityManager.java:1563) at com.android.server.net.NetworkPolicyManagerService.hasRestrictedModeAccess(NetworkPolicyManagerService.java:4133) at com.android.server.net.NetworkPolicyManagerService.getNewRestrictedModeUidRule(NetworkPolicyManagerService.java:4116) Package android does not belong to 10139 where 10139 is the uid of the firewall app * This should be safe since we're only checking the capabilities here, and not actually returning anything anywhere - just a boolean Change-Id: Ia0b5790be19ad5aece0d30ae8e1a465f45f4fed6
Loading
Please register or sign in to comment