Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit bca47965 authored by Philip P. Moltmann's avatar Philip P. Moltmann
Browse files

Check cross-user interactions for permissions and app-ops operations 

1.
We want to be quite permissive here as without being able to check
permissions or appops nothing else works. Hence allow cross-user
interactions if any cross-user permission is granted.

2.
Also we need to prevent infinite recursion as we are checking permission
and appops inside of permission and app-op checks.

2.
Clear Binder.callingUid when checking permission inside system server

Makeing the binder call "checkPermission" usually sets
Binder.callingUid to the calling processes UID. Hence clearing the
calling UID is superflous. If the call is inside the system server
though "checkPermission" is not a binder all, it is only a method call.
Hence Binder.callingUid might still be set to the app that called the
system server. This can lead to problems as not every app can check the
same permission the system server can check.

E.g. the system server can check permission accross user boundaries,
most regular apps can't

Test: atest CtsPermissionHostTestCases CtsAppOpHostTestCases // execute the new paths for both full users and profiles
      atest ManagedProfileTest#testCameraPolicy              // a previous version of the patch caused a regression in this test
      atest AccountManagerXUserTest                          // a previous version of the patch caused a regression in this test
      Accessed clipboard from chrome in work profile
Fixes: 153996875
Change-Id: I2a8a84f574fbf07ab88ed991445830fa85aa4450
parent 5f9b30a1
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment