Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 82bebbe6 authored by Rhed Jao's avatar Rhed Jao
Browse files

Fix side channel information disclosure 

Application can query which packages are installed on the
device via the api PackageManager#setComponentEnabledSetting.
Two different exceptions are thrown from the api for the caller
to determine whether the application is installed.

Instead of throwing IllegalArgumentException at the beginning,
this cl throws SecurityException first if the caller tries to
modify others's state without the permission.

Bug: 184948501
Test: atest PackageManagerTest
Change-Id: Ie57a79c0c0fdc7bec7ae8aae5bbce48c3023878c
parent b008b8a0
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment