Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 9f62a263 authored by Zimuzo's avatar Zimuzo
Browse files

Add privileged APIs to lock device and reset device password 

In 534d732e9f274ad3f3e0637b9da963f889309afb, we are restricting privileged apps from silently becoming
Device Admins. Privileged apps can now call the following existing Device Admin APIs provided they have the correct permissions:
1. DevicePolicyManager#resetPassword -> Guarded by android.permission.RESET_PASSWORD
2. DevicePolicyManager#lockNow -> Guarded by android.permission.LOCK_DEVICE

The following existing Device Admin APIs already have alternatives hence no change required:
3. DevicePolicyManager#wipeData -> Send ACTION_FACTORY_RESET broadcast.
Guarded by android.permission.MASTER_CLEAR
4. DevicePolicyManager#setKeyguardDisabledFeatures -> Write '0' to LOCK_SCREEN_ALLOW_PRIVATE_NOTIFICATIONS setting
Guarded by WRITE_SECURE_SETTINGS

Bug: 111153365
Bug: 112601004
Test: Manually tested with dev privileged app
Change-Id: Ia4e1ce9b81756e7f84ed0aa22d97e0b968cd8d89
parent 66b0919d
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment