Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 3d860133 authored by Hongming Jin's avatar Hongming Jin Committed by Gerrit - the friendly Code Review server
Browse files

Only return password for account session flow if the caller is signed 

with system key and have get_password permission.

Bug: 30455516
Change-Id: I78484c59e4de1dff685ab91a0a8e7a756fffd9bf
(cherry picked from commit 9342e137)
(cherry picked from commit fecfd550edeca422c0d9f32a9c0abe73398a1ff1)
parent 865a75aa

core/java/android/accounts/AccountManager.java

+0 −4
Original line number Diff line number Diff line
@@ -2702,8 +2702,6 @@ public class AccountManager { 
     *         <ul>

     *         <li>{@link #KEY_ACCOUNT_SESSION_BUNDLE} - encrypted Bundle for

     *         adding the the to the device later.

     *         <li>{@link #KEY_PASSWORD} - optional, the password or password

     *         hash of the account.

     *         <li>{@link #KEY_ACCOUNT_STATUS_TOKEN} - optional, token to check

     *         status of the account

     *         </ul>
@@ -2791,8 +2789,6 @@ public class AccountManager { 
     *         <ul>

     *         <li>{@link #KEY_ACCOUNT_SESSION_BUNDLE} - encrypted Bundle for

     *         updating the local credentials on device later.

     *         <li>{@link #KEY_PASSWORD} - optional, the password or password

     *         hash of the account

     *         <li>{@link #KEY_ACCOUNT_STATUS_TOKEN} - optional, token to check

     *         status of the account

     *         </ul>

services/core/java/com/android/server/accounts/AccountManagerService.java

+6 −6
Original line number Diff line number Diff line
@@ -2689,10 +2689,9 @@ public class AccountManagerService 
        boolean isPasswordForwardingAllowed = isPermitted(

                callerPkg, uid, Manifest.permission.GET_PASSWORD);



        int usrId = UserHandle.getCallingUserId();

        long identityToken = clearCallingIdentity();

        try {

            UserAccounts accounts = getUserAccounts(usrId);

            UserAccounts accounts = getUserAccounts(userId);

            logRecordWithUid(accounts, DebugDbHelper.ACTION_CALLED_START_ACCOUNT_ADD,

                    TABLE_ACCOUNTS, uid);

            new StartAccountSession(
@@ -2753,10 +2752,6 @@ public class AccountManagerService 
                checkKeyIntent(

                        Binder.getCallingUid(),

                        intent);

                // Omit passwords if the caller isn't permitted to see them.

                if (!mIsPasswordForwardingAllowed) {

                    result.remove(AccountManager.KEY_PASSWORD);

                }

            }

            IAccountManagerResponse response;

            if (mExpectActivityLaunch && result != null
@@ -2786,6 +2781,11 @@ public class AccountManagerService 
                return;

            }



            // Omit passwords if the caller isn't permitted to see them.

            if (!mIsPasswordForwardingAllowed) {

                result.remove(AccountManager.KEY_PASSWORD);

            }



            // Strip auth token from result.

            result.remove(AccountManager.KEY_AUTHTOKEN);