diff options
| author | Jeff Sharkey <jsharkey@android.com> | 2016-11-30 14:29:59 -0700 |
|---|---|---|
| committer | Jeff Sharkey <jsharkey@google.com> | 2017-02-07 04:43:24 +0000 |
| commit | 3f3da42ef9bc03ad9f7c6a6f71b3c7c0f935bde4 (patch) | |
| tree | e204839962957e833c54034cea86a3aca8e39b7e /core/java | |
| parent | 4b0164b27cc9e891f7a4b6d2b2c624600ac697bc (diff) | |
DO NOT MERGE. Grant MMS Uri permissions as the calling UID.
A recent security fix prevents the system UID from handing out Uri
permission grants directly from itself. Instead, services need to
issue grants as the original calling UID to ensure that the caller
actually has access to the Uris.
Test: builds, boots, send/recv MMS works in primary/secondary users
Bug: 33231106
Change-Id: Ia9fe19843b52977c8a94ee5349b907beda1882fc
(cherry picked from commit 7ff418d9a9afb9ecf42f87fffd3e65477decb55e)
Diffstat (limited to 'core/java')
| -rw-r--r-- | core/java/android/app/ActivityManagerInternal.java | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/core/java/android/app/ActivityManagerInternal.java b/core/java/android/app/ActivityManagerInternal.java index 579b307efac6..1fbc12771717 100644 --- a/core/java/android/app/ActivityManagerInternal.java +++ b/core/java/android/app/ActivityManagerInternal.java @@ -18,6 +18,7 @@ package android.app; import android.annotation.NonNull; import android.content.ComponentName; +import android.content.Intent; /** * Activity manager local system service interface. @@ -26,6 +27,13 @@ import android.content.ComponentName; */ public abstract class ActivityManagerInternal { /** + * Grant Uri permissions from one app to another. This method only extends + * permission grants if {@code callingUid} has permission to them. + */ + public abstract void grantUriPermissionFromIntent(int callingUid, String targetPkg, + Intent intent, int targetUserId); + + /** * Verify that calling app has access to the given provider. */ public abstract String checkContentProviderAccess(String authority, int userId); |