diff options
| author | Benjamin Franz <bfranz@google.com> | 2016-07-22 08:54:31 +0000 |
|---|---|---|
| committer | android-build-merger <android-build-merger@google.com> | 2016-07-22 08:54:31 +0000 |
| commit | 4b6401f166fb517b51da482ba7be6c1ec1f28668 (patch) | |
| tree | 0ad93d87a2e709e9dfd9dc121bebfe377977ee97 | |
| parent | 669a90cd961e8be4843e4cedb1564fa23e9a95c0 (diff) | |
| parent | 36eb7a13709073111e2397c9f542cb6f64f3f2b9 (diff) | |
Block user from setting safe boot setting via adb am: 0ff13fce6f
am: 36eb7a1370
Change-Id: I63ad7dc4f3acbfd3e3d5dd7f236721df9c80b950
| -rw-r--r-- | packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java | 5 | ||||
| -rw-r--r-- | services/core/java/com/android/server/pm/UserRestrictionsUtils.java | 3 |
2 files changed, 8 insertions, 0 deletions
diff --git a/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java b/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java index 4d3e3e5a2925..d27f1f830c32 100644 --- a/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java +++ b/packages/SettingsProvider/src/com/android/providers/settings/SettingsProvider.java @@ -1202,6 +1202,11 @@ public class SettingsProvider extends ContentProvider { restriction = UserManager.DISALLOW_CONFIG_VPN; break; + case Settings.Global.SAFE_BOOT_DISALLOWED: + if ("1".equals(value)) return false; + restriction = UserManager.DISALLOW_SAFE_BOOT; + break; + default: if (setting != null && setting.startsWith(Settings.Global.DATA_ROAMING)) { if ("0".equals(value)) return false; diff --git a/services/core/java/com/android/server/pm/UserRestrictionsUtils.java b/services/core/java/com/android/server/pm/UserRestrictionsUtils.java index 04997570b89e..18bc27795494 100644 --- a/services/core/java/com/android/server/pm/UserRestrictionsUtils.java +++ b/services/core/java/com/android/server/pm/UserRestrictionsUtils.java @@ -333,6 +333,9 @@ public class UserRestrictionsUtils { // set, and in that case even if the restriction is lifted, changing it to ON would be // wrong. So just don't do anything in such a case. If the user hopes to enable location // later, they can do it on the Settings UI. + // WARNING: Remember that Settings.Global and Settings.Secure are changeable via adb. + // To prevent this from happening for a given user restriction, you have to add a check to + // SettingsProvider.isGlobalOrSecureSettingRestrictedForUser. final ContentResolver cr = context.getContentResolver(); final long id = Binder.clearCallingIdentity(); |