Gitiles
Code Review Sign In
review.blissroms.org / platform_frameworks_base / ff8d66bbc2fa20b5711becf5e9266a69fbefc2ec
commitff8d66bbc2fa20b5711becf5e9266a69fbefc2ec[log] [tgz]
authorSvetoslav Ganov <svetoslavganov@google.com>Thu Dec 29 10:39:02 2016 -0800
committerSvetoslav Ganov <svetoslavganov@google.com>Thu Dec 29 13:42:29 2016 -0800
tree80cb9c04c745e870df8901a0137c2d133541d704
parent17f739d924667cc56b2ecb38f93bb38eccdfcf38 [diff]
Don't allow permission change to runtime

Prevent apps to change permission protection level to dangerous
from any other type as this would allow a privilege escalation
where an app adds a normal permission in other app's group and
then redefines it as dangerous leading to the group auto-grant.

Test: Added a CTS test which passes.

bug:33860747

Change-Id: Icd2d596d42ae2c6cf569c016d20d9bb9106a29ef
1 file changed
tree: 80cb9c04c745e870df8901a0137c2d133541d704
  1. apct-tests/
  2. api/
  3. cmds/
  4. core/
  5. data/
  6. docs/
  7. drm/
  8. graphics/
  9. keystore/
  10. legacy-test/
  11. libs/
  12. location/
  13. media/
  14. native/
  15. nfc-extras/
  16. obex/
  17. opengl/
  18. packages/
  19. proto/
  20. rs/
  21. samples/
  22. sax/
  23. services/
  24. telecomm/
  25. telephony/
  26. test-runner/
  27. tests/
  28. tools/
  29. wifi/
  30. Android.bp
  31. Android.mk
  32. CleanSpec.mk
  33. compiled-classes-phone
  34. MODULE_LICENSE_APACHE2
  35. NOTICE
  36. preloaded-classes
  37. PREUPLOAD.cfg