Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 44a7ef27 authored by Hongming Jin's avatar Hongming Jin Committed by Dennis Cagle
Browse files

Only return password for account session flow if the caller is signed 

with system key and have get_password permission.

Bug: 30455516
Change-Id: I78484c59e4de1dff685ab91a0a8e7a756fffd9bf
(cherry picked from commit 9342e137)
(cherry picked from commit fecfd550edeca422c0d9f32a9c0abe73398a1ff1)
parent 254c0e34

core/java/android/accounts/AccountManager.java

+0 −4
Original line number Diff line number Diff line
@@ -2702,8 +2702,6 @@ public class AccountManager { 
     *         <ul>

     *         <li>{@link #KEY_ACCOUNT_SESSION_BUNDLE} - encrypted Bundle for

     *         adding the the to the device later.

     *         <li>{@link #KEY_PASSWORD} - optional, the password or password

     *         hash of the account.

     *         <li>{@link #KEY_ACCOUNT_STATUS_TOKEN} - optional, token to check

     *         status of the account

     *         </ul>
@@ -2791,8 +2789,6 @@ public class AccountManager { 
     *         <ul>

     *         <li>{@link #KEY_ACCOUNT_SESSION_BUNDLE} - encrypted Bundle for

     *         updating the local credentials on device later.

     *         <li>{@link #KEY_PASSWORD} - optional, the password or password

     *         hash of the account

     *         <li>{@link #KEY_ACCOUNT_STATUS_TOKEN} - optional, token to check

     *         status of the account

     *         </ul>

services/core/java/com/android/server/accounts/AccountManagerService.java

+6 −6
Original line number Diff line number Diff line
@@ -2689,10 +2689,9 @@ public class AccountManagerService 
        boolean isPasswordForwardingAllowed = isPermitted(

                callerPkg, uid, Manifest.permission.GET_PASSWORD);



        int usrId = UserHandle.getCallingUserId();

        long identityToken = clearCallingIdentity();

        try {

            UserAccounts accounts = getUserAccounts(usrId);

            UserAccounts accounts = getUserAccounts(userId);

            logRecordWithUid(accounts, DebugDbHelper.ACTION_CALLED_START_ACCOUNT_ADD,

                    TABLE_ACCOUNTS, uid);

            new StartAccountSession(
@@ -2753,10 +2752,6 @@ public class AccountManagerService 
                checkKeyIntent(

                        Binder.getCallingUid(),

                        intent);

                // Omit passwords if the caller isn't permitted to see them.

                if (!mIsPasswordForwardingAllowed) {

                    result.remove(AccountManager.KEY_PASSWORD);

                }

            }

            IAccountManagerResponse response;

            if (mExpectActivityLaunch && result != null
@@ -2786,6 +2781,11 @@ public class AccountManagerService 
                return;

            }



            // Omit passwords if the caller isn't permitted to see them.

            if (!mIsPasswordForwardingAllowed) {

                result.remove(AccountManager.KEY_PASSWORD);

            }



            // Strip auth token from result.

            result.remove(AccountManager.KEY_AUTHTOKEN);