Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit ad6cfcb4 authored by Muralidhar Reddy's avatar Muralidhar Reddy Committed by Muralidhar Reddy Mule
Browse files

[Security Report] Add permission check to avoid API misuse 

Two issues are observed with the current EuiccController source.
1. App can check whether any package is installed on the device or not.
2. App can check the carrier privilege status of any package.

Added permission check to know whether the package name and calling uid is belonging to same or not, If not same platform throws RuntimeException.

Bug: 231986212
Test: atest FrameworksTelephonyTests and manually verified on Android T device(Pixel 4a)
Change-Id: Ie7ebb15779c860f502abd282315fae7757087986
parent 9882dc97
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment