Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 999901aa authored by Michael Groover's avatar Michael Groover
Browse files

Revert READ_PHONE_STATE from an install to runtime permission 

After all of the sensitive APIs were moved out of READ_PHONE_STATE for
apps targeting R+ READ_PHONE_STATE was downgraded to an install
permission. However this granted apps targeting pre-R access to the
device phone number without user consent. This commit reverts
READ_PHONE_STATE to a runtime permission which will require apps
targeting pre-R to still obtain user consent to access the device
phone number while still preventing access to the phone group and
the other sensitive APIs exposed there.

Bug: 154368168
Test: Manually installed app requesting READ_PHONE_STATE and invoking
      getLine1Number; verified without permission granted the method
      threw a SecurityException.
Change-Id: I410aa9f287f8fa2b076910e531d833bd87923ccb
parent a4a01127

core/res/AndroidManifest.xml

+3 −2
Original line number Diff line number Diff line
@@ -1109,12 +1109,13 @@ 
         grants your app this permission. If you don't need this permission, be sure your <a

         href="{@docRoot}guide/topics/manifest/uses-sdk-element.html#target">{@code

         targetSdkVersion}</a> is 4 or higher.

         <p>Protection level: normal

         <p>Protection level: dangerous

    -->

    <permission android:name="android.permission.READ_PHONE_STATE"

        android:permissionGroup="android.permission-group.UNDEFINED"

        android:label="@string/permlab_readPhoneState"

        android:description="@string/permdesc_readPhoneState"

        android:protectionLevel="normal" />

        android:protectionLevel="dangerous" />



    <!-- Allows read access to the device's phone number(s). This is a subset of the capabilities

         granted by {@link #READ_PHONE_STATE} but is exposed to instant applications.