OSDN Git Service

(root) / android-x86 / packages-apps-Settings.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: bec89d7) | patch
SECURITY: Prevent preference intents from exploiting settings.
authorCarlos Valdivia <carlosvaldivia@google.com>
Tue, 9 Sep 2014 03:12:24 +0000 (20:12 -0700)
committerCarlos Valdivia <carlosvaldivia@google.com>
Tue, 9 Sep 2014 18:17:19 +0000 (11:17 -0700)
commit92f761550246e60016ce1c37f1c19869536756af
tree0dd94d1721c47cf3abcb69f0014211b2577bdd04tree | snapshot
parentbec89d797b6f2680c544639faed7e47573625e11commit | diff
SECURITY: Prevent preference intents from exploiting settings.

Settings has super powers because it shares the system uid. We prevent
those powers from being exploited by malicious authenticators by
checking the intents those authenticators provide.

We will only launch intents that resolve to Activities that are exported=true
or owned by the same UID as the authenticator.

Bug: 14408627
Change-Id: Ia179df8561d29745767dac0f3c97eb0f68083f59
src/com/android/settings/accounts/ManageAccountsSettings.java diff | blob | history
packages/apps/Settings
About OSDN
Find Software
Develop Software
Help