Allows to launch only authenticator owned activities

- 3rd party developers can define himself-authenticator
  and use the accountPreferences attribute to load the
  predefined preference UI.
- If a developer defines an action intent to launch the
  other activity in xml and it would return true due
  to the true exported attribute and no permission.
- To avoid launching arbitrary activity. Here allows
  to launch only authenticator owned activities.

Bug: 150946634
Test: make RunSettingsRoboTests -j ROBOTEST_FILTER=com.android.settings.accounts
Test: PoC app
Change-Id: I5ce1a0b3838db7b3fbe48c6ea23d5f093d625cdb

diff --git a/src/com/android/settings/accounts/AccountTypePreferenceLoader.java b/src/com/android/settings/accounts/AccountTypePreferenceLoader.java
index d32b630..c639d1d 100644 (file)
--- a/src/com/android/settings/accounts/AccountTypePreferenceLoader.java
+++ b/src/com/android/settings/accounts/AccountTypePreferenceLoader.java
@@ -197,14 +197,7 @@ public class AccountTypePreferenceLoader {
         ActivityInfo resolvedActivityInfo = resolveInfo.activityInfo;
         ApplicationInfo resolvedAppInfo = resolvedActivityInfo.applicationInfo;
         try {
-            if (resolvedActivityInfo.exported) {
-                if (resolvedActivityInfo.permission == null) {
-                    return true; // exported activity without permission.
-                } else if (pm.checkPermission(resolvedActivityInfo.permission,
-                    authDesc.packageName) == PackageManager.PERMISSION_GRANTED) {
-                    return true;
-                }
-            }
+            // Allows to launch only authenticator owned activities.
             ApplicationInfo authenticatorAppInf = pm.getApplicationInfo(authDesc.packageName, 0);
             return resolvedAppInfo.uid == authenticatorAppInf.uid;
         } catch (NameNotFoundException e) {