d4c436d9492ff10672fde6ccc5488a7094474074 - platform_frameworks_base

commit	d4c436d9492ff10672fde6ccc5488a7094474074	[log] [tgz]
author	Jeff Chang <chengjeff@google.com>	Thu May 20 09:52:27 2021 +0800
committer	Jeff Chang <chengjeff@google.com>	Mon Sep 06 18:20:43 2021 +0800
tree	bcc137cd47dfe48454035c90c124e050ebb5c3c3
parent	08774f2ffc033d4e8186b5a7914b7e08a1fed84c [diff]

Only allow system to apply relinquishTaskIdentity

Any malicious application could hijack tasks by
android:relinquishTaskIdentity. This vulnerability can perform UI
spoofing or spy on user’s activities.

This CL limit the usage which only allow system to apply
relinquishTaskIdentity

Bug: 185810717
Test: atest IntentTests
      atest ActivityStarterTests
      atest com.android.server.wm.TaskTests
Change-Id: Iddbb9c04237fdc8bdc0c2223ee597f43f37cb178

services/core/java/com/android/server/wm/Task.java[diff]
services/tests/wmtests/src/com/android/server/wm/TaskTests.java[diff]

2 files changed