diff options
| author | 2017-02-02 23:59:40 +0000 | |
|---|---|---|
| committer | 2017-02-02 23:59:47 +0000 | |
| commit | e6be8d765fcaee0ddd0841afb3e27e6b6cd3e5cc (patch) | |
| tree | 240c97834972776aa566aaf720abf598a8500492 | |
| parent | c1a0e6db4c3bc11f591c6d486b6e6fccafe93078 (diff) | |
| parent | bac46f5b6581a55fa50e473ca09018bd2bdd59a9 (diff) | |
Merge "DO NOT MERGE. No direct Uri grants from system." into mnc-dev
| -rw-r--r-- | services/core/java/com/android/server/am/ActivityManagerService.java | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java index beb0ee0eadb1..5bb71b4dd926 100644 --- a/services/core/java/com/android/server/am/ActivityManagerService.java +++ b/services/core/java/com/android/server/am/ActivityManagerService.java @@ -7436,7 +7436,12 @@ public final class ActivityManagerService extends ActivityManagerNative // Third... does the caller itself have permission to access // this uri? - if (UserHandle.getAppId(callingUid) != Process.SYSTEM_UID) { + final int callingAppId = UserHandle.getAppId(callingUid); + if ((callingAppId == Process.SYSTEM_UID) || (callingAppId == Process.ROOT_UID)) { + Slog.w(TAG, "For security reasons, the system cannot issue a Uri permission" + + " grant to " + grantUri + "; use startActivityAsCaller() instead"); + return -1; + } else { if (!checkHoldingPermissionsLocked(pm, pi, grantUri, callingUid, modeFlags)) { // Require they hold a strong enough Uri permission if (!checkUriPermissionLocked(grantUri, callingUid, modeFlags)) { |