Fix security problem on PermissionMonitor#hasPermission
PermissionMonitor#hasPermission only checks permssions that app
requested but it doesn't check whether the permission can be
granted to this app. If requested permission doens't be granted
to app, this method still returns that app has this permission.
Then PermissionMonitor will pass this info to netd that means
this app still can use network even restricted network without
granted privileged permission like CONNECTIVITY_INTERNAL or
CONNECTIVITY_USE_RESTRICTED_NETWORKS.
Bug:
144679405
Test: Build, flash, manual test
Change-Id: I5eba4909e4c2e1d9f275f66be90ac36466b93e90
Merged-In: I8a1575dedd6e3b7a8b60ee2ffd475d790aec55c4
Merged-In: Iae9c273af822b18c2e6fce04848a86f8dea6410a
OSDN Git Service
