Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit e12cfda7 authored by Alan Stokes's avatar Alan Stokes
Browse files

Don't allow shell to spoof initiating package name. 

This preserves the ability to override the installer package name
(installer of record). But it prevents overriding the initiating
package name (real installing package) which should always be null for
an adb installed package.

Bug: 160224791
Test: manual
Test: atest PackageManagerTests PackageVerifierTest
Change-Id: I586b524d11dab075034ca05a87fac819cb99b61b
parent dccddad3

services/core/java/com/android/server/pm/PackageInstallerService.java

+3 −1
Original line number Diff line number Diff line
@@ -522,7 +522,9 @@ public class PackageInstallerService extends IPackageInstaller.Stub implements 


        if ((callingUid == Process.SHELL_UID) || (callingUid == Process.ROOT_UID)) {

            params.installFlags |= PackageManager.INSTALL_FROM_ADB;



            // adb installs can override the installingPackageName, but not the

            // initiatingPackageName

            installerPackageName = null;

        } else {

            if (callingUid != Process.SYSTEM_UID) {

                // The supplied installerPackageName must always belong to the calling app.