The IOverlayManager.aidl interface is protected by certain permissions.
The overlay manager implements the permission checks by calling
enforceCallingOrSelfPermission, but this method needlessly includes the
permissions of system_server in the check.
Harden the permission checks by switching from
enforceCallingOrSelfPermission to enforceCallingPermission.
Bug:
78809702
Test: atest OverlayHostTests OverlayDeviceTests
Change-Id: I5851dd1683adf644ea8e5a58dce4d7377664342e
* @throws SecurityException if the permission check fails
*/
private void enforceChangeOverlayPackagesPermission(@NonNull final String message) {
- getContext().enforceCallingOrSelfPermission(
+ getContext().enforceCallingPermission(
android.Manifest.permission.CHANGE_OVERLAY_PACKAGES, message);
}
* @throws SecurityException if the permission check fails
*/
private void enforceDumpPermission(@NonNull final String message) {
- getContext().enforceCallingOrSelfPermission(android.Manifest.permission.DUMP,
- message);
+ getContext().enforceCallingPermission(android.Manifest.permission.DUMP, message);
}
};
OSDN Git Service
