Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a69e3678 authored by Nandana Dutt's avatar Nandana Dutt
Browse files

Restrict CAPTURE_VIDEO permissions to signature 

We want to restrict screen reading permissions
to signature only so only the platform and
apps signed with the platform key can access
the device screen.

Add @removed and @hide to the permission so that it's
not in the docs any more without breaking any existing
apps referring to the permissions.

Bug: 111131054
Test: atest PermissionsHostTest
Test: make & verified generated file
out/target/common/obj/PACKAGING/hiddenapi-light-greylist.txt
contains CAPTURE_VIDEO_OUTPUT and
CAPTURE_SECURE_VIDEO_OUTPUT.

Change-Id: I451fec868e5e079dc7204fb097191a565627f939
parent be018bbb

api/current.txt

+0 −2
Original line number Diff line number Diff line
@@ -57,8 +57,6 @@ package android { 
    field public static final java.lang.String CALL_PRIVILEGED = "android.permission.CALL_PRIVILEGED";

    field public static final java.lang.String CAMERA = "android.permission.CAMERA";

    field public static final java.lang.String CAPTURE_AUDIO_OUTPUT = "android.permission.CAPTURE_AUDIO_OUTPUT";

    field public static final java.lang.String CAPTURE_SECURE_VIDEO_OUTPUT = "android.permission.CAPTURE_SECURE_VIDEO_OUTPUT";

    field public static final java.lang.String CAPTURE_VIDEO_OUTPUT = "android.permission.CAPTURE_VIDEO_OUTPUT";

    field public static final java.lang.String CHANGE_COMPONENT_ENABLED_STATE = "android.permission.CHANGE_COMPONENT_ENABLED_STATE";

    field public static final java.lang.String CHANGE_CONFIGURATION = "android.permission.CHANGE_CONFIGURATION";

    field public static final java.lang.String CHANGE_NETWORK_STATE = "android.permission.CHANGE_NETWORK_STATE";

api/system-current.txt

+0 −2
Original line number Diff line number Diff line
@@ -46,9 +46,7 @@ package android { 
    field public static final java.lang.String CAMERA_DISABLE_TRANSMIT_LED = "android.permission.CAMERA_DISABLE_TRANSMIT_LED";

    field public static final java.lang.String CAPTURE_AUDIO_HOTWORD = "android.permission.CAPTURE_AUDIO_HOTWORD";

    field public static final java.lang.String CAPTURE_AUDIO_OUTPUT = "android.permission.CAPTURE_AUDIO_OUTPUT";

    field public static final java.lang.String CAPTURE_SECURE_VIDEO_OUTPUT = "android.permission.CAPTURE_SECURE_VIDEO_OUTPUT";

    field public static final java.lang.String CAPTURE_TV_INPUT = "android.permission.CAPTURE_TV_INPUT";

    field public static final java.lang.String CAPTURE_VIDEO_OUTPUT = "android.permission.CAPTURE_VIDEO_OUTPUT";

    field public static final java.lang.String CHANGE_APP_IDLE_STATE = "android.permission.CHANGE_APP_IDLE_STATE";

    field public static final java.lang.String CHANGE_COMPONENT_ENABLED_STATE = "android.permission.CHANGE_COMPONENT_ENABLED_STATE";

    field public static final java.lang.String CHANGE_CONFIGURATION = "android.permission.CHANGE_CONFIGURATION";

core/res/AndroidManifest.xml

+10 −6
Original line number Diff line number Diff line
@@ -3338,15 +3338,19 @@ 
    <permission android:name="android.permission.MODIFY_DEFAULT_AUDIO_EFFECTS"

        android:protectionLevel="signature|privileged" />



    <!-- @SystemApi Allows an application to capture video output.

         <p>Not for use by third-party applications.</p> -->

    <!-- Allows an application to capture video output.

         <p>Not for use by third-party applications.</p>

          @hide

          @removed -->

    <permission android:name="android.permission.CAPTURE_VIDEO_OUTPUT"

        android:protectionLevel="signature|privileged" />

        android:protectionLevel="signature" />



    <!-- @SystemApi Allows an application to capture secure video output.

         <p>Not for use by third-party applications.</p> -->

    <!-- Allows an application to capture secure video output.

         <p>Not for use by third-party applications.</p>

          @hide

          @removed -->

    <permission android:name="android.permission.CAPTURE_SECURE_VIDEO_OUTPUT"

        android:protectionLevel="signature|privileged" />

        android:protectionLevel="signature" />



    <!-- @SystemApi Allows an application to know what content is playing and control its playback.

         <p>Not for use by third-party applications due to privacy of media consumption</p>  -->