git.osdn.net Git - android-x86/frameworks-base.git/commit

author	Dianne Hackborn <hackbod@google.com>
	Fri, 10 Jul 2009 01:14:31 +0000 (18:14 -0700)
committer	Dianne Hackborn <hackbod@google.com>
	Fri, 10 Jul 2009 01:14:31 +0000 (18:14 -0700)
commit	854060af30f928c0a65591e9c8314ae17056e6b8
tree	90922c34cec925074bb62a3b79ac65af5527c02a	tree \| snapshot
parent	d1e5e3ffc22478bad8525dec4f1c6d57fe0ad368	commit \| diff

Fix bug #1873249i: Apps can DoS/brick device

This is the problem where various things are listening for broadcasts
(such as battery status, PIN/PUK/Network) that an application can send
to cause harm to the system.

Solving this is tricky because many of these broadcasts are sticky,
and I have never figured out how to do permissions with sticky
broadcasts in a sane way. So instead, I am going to punt on the
general problem and just brute force it:

There is new a way for system components to declare specific
broadcast actions to be protected, which means that only the system
and the phone can send them. This is good enough for now. None
of it is exposed in the public API so we can make something a little
less stupid in the future if we ever need to.

core/java/android/content/Intent.java		diff \| blob \| history
core/java/android/content/pm/IPackageManager.aidl		diff \| blob \| history
core/java/android/content/pm/PackageParser.java		diff \| blob \| history
core/java/android/os/Process.java		diff \| blob \| history
core/java/android/provider/Telephony.java		diff \| blob \| history
core/res/AndroidManifest.xml		diff \| blob \| history
core/res/res/values/attrs_manifest.xml		diff \| blob \| history
services/java/com/android/server/PackageManagerService.java		diff \| blob \| history
services/java/com/android/server/am/ActivityManagerService.java		diff \| blob \| history
telephony/java/com/android/internal/telephony/TelephonyIntents.java		diff \| blob \| history