diff options
author | Svetoslav Ganov <svetoslavganov@google.com> | 2016-07-11 19:32:30 -0700 |
---|---|---|
committer | Svetoslav Ganov <svetoslavganov@google.com> | 2016-08-23 21:43:27 +0000 |
commit | 5cb2973495084f8ce3433b579e4b4962ed9d7efc (patch) | |
tree | 9ffa862ef4309b14bba2ff0e94d5ce650f7cfec4 /rs/java/android/renderscript/RenderScriptCacheDir.java | |
parent | 50ff32c17f0557283b2e42686487f6ce0c5ca4c8 (diff) |
Only sync adapters with access can see an account - framework
It was possible for a sync adapter without accounts access to
see the account which it is supposed to sync which can be used to
identify the user. This change ensures that only sync adapters
with account access can run (which results in seeing the account),
otherwise we involve the user to approve access only to this account.
A sync adapter can access an account if one of these is true:
- it is signed as the authenticator for this account
- has the GET_ACCOUNTS permission
- has an auth token for the account
- it is a preinstalled app (system or privileged)
The main thing we need to figure out is if the extra prompts
for giving access to a sync adapter to the account create too
much friction.
bug:28163381
Change-Id: Ie083bb681b5a2aed81ca5f6a062193a175fad77e
Diffstat (limited to 'rs/java/android/renderscript/RenderScriptCacheDir.java')
0 files changed, 0 insertions, 0 deletions