Loading services/core/java/com/android/server/accounts/AccountManagerService.java +4 −0 Original line number Original line Diff line number Diff line Loading @@ -4703,6 +4703,10 @@ public class AccountManagerService protected void checkKeyIntent( protected void checkKeyIntent( int authUid, int authUid, Intent intent) throws SecurityException { Intent intent) throws SecurityException { intent.setFlags(intent.getFlags() & ~(Intent.FLAG_GRANT_READ_URI_PERMISSION | Intent.FLAG_GRANT_WRITE_URI_PERMISSION | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION | Intent.FLAG_GRANT_PREFIX_URI_PERMISSION)); long bid = Binder.clearCallingIdentity(); long bid = Binder.clearCallingIdentity(); try { try { PackageManager pm = mContext.getPackageManager(); PackageManager pm = mContext.getPackageManager(); Loading services/core/java/com/android/server/am/ActivityManagerService.java +13 −10 Original line number Original line Diff line number Diff line Loading @@ -8629,6 +8629,19 @@ public class ActivityManagerService extends IActivityManager.Stub return -1; return -1; } } // Bail early if system is trying to hand out permissions directly; it // must always grant permissions on behalf of someone explicit. final int callingAppId = UserHandle.getAppId(callingUid); if ((callingAppId == SYSTEM_UID) || (callingAppId == ROOT_UID)) { if ("com.android.settings.files".equals(grantUri.uri.getAuthority())) { // Exempted authority for cropping user photos in Settings app } else { Slog.w(TAG, "For security reasons, the system cannot issue a Uri permission" + " grant to " + grantUri + "; use startActivityAsCaller() instead"); return -1; } } final String authority = grantUri.uri.getAuthority(); final String authority = grantUri.uri.getAuthority(); final ProviderInfo pi = getProviderInfoLocked(authority, grantUri.sourceUserId, final ProviderInfo pi = getProviderInfoLocked(authority, grantUri.sourceUserId, MATCH_DEBUG_TRIAGED_MISSING); MATCH_DEBUG_TRIAGED_MISSING); Loading Loading @@ -8724,16 +8737,6 @@ public class ActivityManagerService extends IActivityManager.Stub // Third... does the caller itself have permission to access // Third... does the caller itself have permission to access // this uri? // this uri? final int callingAppId = UserHandle.getAppId(callingUid); if ((callingAppId == SYSTEM_UID) || (callingAppId == ROOT_UID)) { if ("com.android.settings.files".equals(grantUri.uri.getAuthority())) { // Exempted authority for cropping user photos in Settings app } else { Slog.w(TAG, "For security reasons, the system cannot issue a Uri permission" + " grant to " + grantUri + "; use startActivityAsCaller() instead"); return -1; } } if (!checkHoldingPermissionsLocked(pm, pi, grantUri, callingUid, modeFlags)) { if (!checkHoldingPermissionsLocked(pm, pi, grantUri, callingUid, modeFlags)) { // Require they hold a strong enough Uri permission // Require they hold a strong enough Uri permission if (!checkUriPermissionLocked(grantUri, callingUid, modeFlags)) { if (!checkUriPermissionLocked(grantUri, callingUid, modeFlags)) { Loading
services/core/java/com/android/server/accounts/AccountManagerService.java +4 −0 Original line number Original line Diff line number Diff line Loading @@ -4703,6 +4703,10 @@ public class AccountManagerService protected void checkKeyIntent( protected void checkKeyIntent( int authUid, int authUid, Intent intent) throws SecurityException { Intent intent) throws SecurityException { intent.setFlags(intent.getFlags() & ~(Intent.FLAG_GRANT_READ_URI_PERMISSION | Intent.FLAG_GRANT_WRITE_URI_PERMISSION | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION | Intent.FLAG_GRANT_PREFIX_URI_PERMISSION)); long bid = Binder.clearCallingIdentity(); long bid = Binder.clearCallingIdentity(); try { try { PackageManager pm = mContext.getPackageManager(); PackageManager pm = mContext.getPackageManager(); Loading
services/core/java/com/android/server/am/ActivityManagerService.java +13 −10 Original line number Original line Diff line number Diff line Loading @@ -8629,6 +8629,19 @@ public class ActivityManagerService extends IActivityManager.Stub return -1; return -1; } } // Bail early if system is trying to hand out permissions directly; it // must always grant permissions on behalf of someone explicit. final int callingAppId = UserHandle.getAppId(callingUid); if ((callingAppId == SYSTEM_UID) || (callingAppId == ROOT_UID)) { if ("com.android.settings.files".equals(grantUri.uri.getAuthority())) { // Exempted authority for cropping user photos in Settings app } else { Slog.w(TAG, "For security reasons, the system cannot issue a Uri permission" + " grant to " + grantUri + "; use startActivityAsCaller() instead"); return -1; } } final String authority = grantUri.uri.getAuthority(); final String authority = grantUri.uri.getAuthority(); final ProviderInfo pi = getProviderInfoLocked(authority, grantUri.sourceUserId, final ProviderInfo pi = getProviderInfoLocked(authority, grantUri.sourceUserId, MATCH_DEBUG_TRIAGED_MISSING); MATCH_DEBUG_TRIAGED_MISSING); Loading Loading @@ -8724,16 +8737,6 @@ public class ActivityManagerService extends IActivityManager.Stub // Third... does the caller itself have permission to access // Third... does the caller itself have permission to access // this uri? // this uri? final int callingAppId = UserHandle.getAppId(callingUid); if ((callingAppId == SYSTEM_UID) || (callingAppId == ROOT_UID)) { if ("com.android.settings.files".equals(grantUri.uri.getAuthority())) { // Exempted authority for cropping user photos in Settings app } else { Slog.w(TAG, "For security reasons, the system cannot issue a Uri permission" + " grant to " + grantUri + "; use startActivityAsCaller() instead"); return -1; } } if (!checkHoldingPermissionsLocked(pm, pi, grantUri, callingUid, modeFlags)) { if (!checkHoldingPermissionsLocked(pm, pi, grantUri, callingUid, modeFlags)) { // Require they hold a strong enough Uri permission // Require they hold a strong enough Uri permission if (!checkUriPermissionLocked(grantUri, callingUid, modeFlags)) { if (!checkUriPermissionLocked(grantUri, callingUid, modeFlags)) {
