Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit cf008c28 authored by Kenny Root's avatar Kenny Root
Browse files

Do not allow non-primary user to install certs 

Change-Id: Iefc2970ae23d8ce7d30717add211c01cde251c8d
parent 38305fb1

src/com/android/settings/CredentialStorage.java

+11 −3
Original line number Diff line number Diff line
@@ -25,6 +25,7 @@ import android.content.res.Resources; 
import android.os.AsyncTask;

import android.os.Bundle;

import android.os.RemoteException;

import android.os.UserHandle;

import android.security.Credentials;

import android.security.KeyChain.KeyChainConnection;

import android.security.KeyChain;
@@ -104,17 +105,24 @@ public final class CredentialStorage extends Activity { 
     */

    private int mRetriesRemaining = -1;



    @Override protected void onResume() {

    @Override

    protected void onResume() {

        super.onResume();



        if (UserHandle.myUserId() != UserHandle.USER_OWNER) {

            Log.i(TAG, "Cannot install to CredentialStorage as non-primary user");

            finish();

            return;

        }



        Intent intent = getIntent();

        String action = intent.getAction();



        if (ACTION_RESET.equals(action)) {

            new ResetDialog();

        } else {

            if (ACTION_INSTALL.equals(action) &&

                    "com.android.certinstaller".equals(getCallingPackage())) {

            if (ACTION_INSTALL.equals(action)

                    && "com.android.certinstaller".equals(getCallingPackage())) {

                mInstallBundle = intent.getExtras();

            }

            // ACTION_UNLOCK also handled here in addition to ACTION_INSTALL