Gitiles
Code Review Sign In
review.blissroms.org / platform_frameworks_base / d20ea2f158000fd83528ef95e4e5fc6ff8c78b81
commitd20ea2f158000fd83528ef95e4e5fc6ff8c78b81[log] [tgz]
authorAmith Yamasani <yamasani@google.com>Wed May 08 12:57:01 2013 -0700
committerAmith Yamasani <yamasani@google.com>Wed May 08 12:57:01 2013 -0700
treed0f110f167516f146bb4b2bdc2815a30528c3b1c
parente2322bdd7865552aa31f93bbf4e60d4d9a7d0973 [diff]
Don't allow non-authorized apps to access auth tokens

For restricted profiles, if an app tries to guess an account name and
requests an auth token, even though the framework is going to prompt
for permission, it could be authorized by someone who can't read.

If the app is not opting in to see accounts, don't let it get auth tokens
by verifying first that it's in the list of known accounts.

Bug: 8736380
Change-Id: I6caf88cfe14aa1023d55bcb28ad80ccd89eeb79b
1 file changed
tree: d0f110f167516f146bb4b2bdc2815a30528c3b1c
  1. api/
  2. cmds/
  3. core/
  4. data/
  5. docs/
  6. drm/
  7. graphics/
  8. include/
  9. keystore/
  10. libs/
  11. location/
  12. media/
  13. native/
  14. nfc-extras/
  15. obex/
  16. opengl/
  17. packages/
  18. policy/
  19. samples/
  20. sax/
  21. services/
  22. telephony/
  23. test-runner/
  24. tests/
  25. tools/
  26. wifi/
  27. Android.mk
  28. CleanSpec.mk
  29. MODULE_LICENSE_APACHE2
  30. NOTICE
  31. preloaded-classes