commit | ff8d66bbc2fa20b5711becf5e9266a69fbefc2ec | [log] [tgz] |
---|---|---|
author | Svetoslav Ganov <svetoslavganov@google.com> | Thu Dec 29 10:39:02 2016 -0800 |
committer | Svetoslav Ganov <svetoslavganov@google.com> | Thu Dec 29 13:42:29 2016 -0800 |
tree | 80cb9c04c745e870df8901a0137c2d133541d704 | |
parent | 17f739d924667cc56b2ecb38f93bb38eccdfcf38 [diff] |
Don't allow permission change to runtime Prevent apps to change permission protection level to dangerous from any other type as this would allow a privilege escalation where an app adds a normal permission in other app's group and then redefines it as dangerous leading to the group auto-grant. Test: Added a CTS test which passes. bug:33860747 Change-Id: Icd2d596d42ae2c6cf569c016d20d9bb9106a29ef