diff options
| author | Bernardo Rufino <brufino@google.com> | 2020-11-30 13:57:43 +0000 |
|---|---|---|
| committer | Bernardo Rufino <brufino@google.com> | 2020-12-10 12:47:48 +0000 |
| commit | 9674c1f1f970ba1977e0470b3698f1ad337f0e59 (patch) | |
| tree | f7c69c94e1d656747267696638c4ed3e010a04ed /tools/aapt2/java/JavaClassGenerator_test.cpp | |
| parent | fef773201f4ad62881b6df96a2061cc887a5d6dc (diff) | |
Log on unauthorized Intent.ACTION_CLOSE_SYSTEM_DIALOGS
Putting initial code to detect unauthorized use of Intent.ACSD. For now
we only allow permission holders and apps instrumented via permission
holders (eg. CTS tests via shell).
The plan is to drop the broadcast when unauthorized for targetSdk < S
(to fix the security issue) and throw a SecurityException when apps
target SDK level S+. Because of this I'm using two separate @ChangeIds
for now.
Since there are still legit use-cases where apps use Intent.ACSD, I'm
checking this in disabled mode for now, only logging. Once I implement
the exemptions for these cases I'll turn on the feature. Once that
happens I can remove one of the @ChangeIds.
It's good to get this code now rather than all at once after all the
exemptions so we can see how things fit (plus have some tests).
I'll also protect IAM.closeSystemDialogs() in a future CL.
Bug: 159105552
Test: atest CtsAppTestCases:android.app.cts.CloseSystemDialogsTest
Change-Id: I055f42a34fecebcded55a5eb6ccb3cefa2031812
Diffstat (limited to 'tools/aapt2/java/JavaClassGenerator_test.cpp')
0 files changed, 0 insertions, 0 deletions