Gitiles
Code Review Sign In
review.blissroms.org / platform_frameworks_base / 8236d331beb992886949a6a1dc90fc3ae40ad99f
commit8236d331beb992886949a6a1dc90fc3ae40ad99f[log] [tgz]
authorZimuzo <zezeozue@google.com>Wed Aug 29 10:47:51 2018 +0100
committerZimuzo <zezeozue@google.com>Wed Jan 16 14:35:57 2019 +0000
tree98c0702553e2ff0282d92a95e7b18496e134a439
parentbe749520c548cb7524aa302b21a30bb41504e36d [diff]
Restrict MANAGE_DEVICE_ADMIN permissions to signature

We want to prevent privileged apps from calling DevicePolicyManager#setActiveAdmin. After this, only apps signed with the platform certificate (e.g Settings / ManagedProvisioning) will be allowed to set Device Admins.

Leave @SystemApi so that it is clear that it 'was' a privileged permission, but add @removed to show that it is no longer a privileged permission.

Bug: 111153365
Test: atest PermissionsHostTest && atest CtsAdminTestCases
Change-Id: I688e87cf09ad206f4f517a7be960c2aa01af8fc4
3 files changed
tree: 98c0702553e2ff0282d92a95e7b18496e134a439
  1. apct-tests/
  2. api/
  3. cmds/
  4. config/
  5. core/
  6. data/
  7. docs/
  8. drm/
  9. graphics/
  10. keystore/
  11. libs/
  12. location/
  13. lowpan/
  14. media/
  15. native/
  16. nfc-extras/
  17. obex/
  18. opengl/
  19. packages/
  20. proto/
  21. rs/
  22. samples/
  23. sax/
  24. services/
  25. startop/
  26. telecomm/
  27. telephony/
  28. test-base/
  29. test-legacy/
  30. test-mock/
  31. test-runner/
  32. tests/
  33. tools/
  34. wifi/
  35. .gitignore
  36. Android.bp
  37. Android.mk
  38. CleanSpec.mk
  39. MODULE_LICENSE_APACHE2
  40. NOTICE
  41. pathmap.mk
  42. PREUPLOAD.cfg