Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d5210bab authored by Dmitry Dementyev's avatar Dmitry Dementyev
Browse files

Allows AccountManager to start exported activities. 

Use correct check to let Authenticators run
GrantCredentialsPermissionActivity and CantAddAccountActivity.

Bug: 18864662, 35847616
Test: manual
Change-Id: Id46f2f80e91b9be34e4de36f13a445b92425c1e9
parent 521d92bc

services/core/java/com/android/server/accounts/AccountManagerService.java

+11 −7
Original line number Diff line number Diff line
@@ -4363,7 +4363,7 @@ public class AccountManagerService 
         * security policy.

         *

         * In particular we want to make sure that the Authenticator doesn't try to trick users

         * into launching aribtrary intents on the device via by tricking to click authenticator

         * into launching arbitrary intents on the device via by tricking to click authenticator

         * supplied entries in the system Settings app.

         */

        protected void checkKeyIntent(
@@ -4375,12 +4375,9 @@ public class AccountManagerService 
                ResolveInfo resolveInfo = pm.resolveActivityAsUser(intent, 0, mAccounts.userId);

                ActivityInfo targetActivityInfo = resolveInfo.activityInfo;

                int targetUid = targetActivityInfo.applicationInfo.uid;

                if (!GrantCredentialsPermissionActivity.class.getName().equals(

                        targetActivityInfo.getClass().getName())

                        && !CantAddAccountActivity.class

                                .equals(targetActivityInfo.getClass().getName())

                        && PackageManager.SIGNATURE_MATCH != pm.checkSignatures(authUid,

                                targetUid)) {

                if (!isExportedSystemActivity(targetActivityInfo)

                        && (PackageManager.SIGNATURE_MATCH != pm.checkSignatures(authUid,

                                targetUid))) {

                    String pkgName = targetActivityInfo.packageName;

                    String activityName = targetActivityInfo.name;

                    String tmpl = "KEY_INTENT resolved to an Activity (%s) in a package (%s) that "
@@ -4393,6 +4390,13 @@ public class AccountManagerService 
            }

        }



        private boolean isExportedSystemActivity(ActivityInfo activityInfo) {

            String className = activityInfo.name;

            return "android".equals(activityInfo.packageName) &&

                    (GrantCredentialsPermissionActivity.class.getName().equals(className)

                    || CantAddAccountActivity.class.getName().equals(className));

        }



        private void close() {

            synchronized (mSessions) {

                if (mSessions.remove(toString()) == null) {