Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 96e0524c authored by Nan Wu's avatar Nan Wu Committed by Android Build Coastguard Worker
Browse files

Rescind BAL privilege when ShortcutService sends the callback PI 

When AppWidgetManager.requestPinAppWidget is called from a client,
The passed in callback PendingIntent is called from the system
server. This allows the PendingIntent to be able to bypass BAL
checks.

Bug: 278722815
Test: manual test. BackgroundActivityLaunchTest. Regression like
      RequestPinAppWidgetTest, PeopleSpaceWidgetManagerTest, etc.
(cherry picked from commit eb904695)
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:0a0778e96d7da3fa8169abdf9261ed62809539fa)
Merged-In: I2df9de272192c9a149a9ff519c96e6e0e8304040
Change-Id: I2df9de272192c9a149a9ff519c96e6e0e8304040
parent 58fa254a
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment