Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit eee5094f authored by Amith Yamasani's avatar Amith Yamasani
Browse files

Fix a security exception when checking cross-profile caller-id cap. 

No need to enforce that the caller is in the system process.
We're only checking if the device policy is allowing access.

Bug: 16301261
Change-Id: I87a7c808d116c86aa68cebb36631c46d0a54be96
parent e5bcff62

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+2 −1
Original line number Diff line number Diff line
@@ -4030,7 +4030,8 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { 


    @Override

    public boolean getCrossProfileCallerIdDisabledForUser(int userId) {

        enforceSystemProcess("getCrossProfileCallerIdDisabled can only be called by system");

        // TODO: Should there be a check to make sure this relationship is within a profile group?

        //enforceSystemProcess("getCrossProfileCallerIdDisabled can only be called by system");

        synchronized (this) {

            ActiveAdmin admin = getProfileOwnerAdmin(userId);

            return (admin != null) ? admin.disableCallerId : false;