Remove the resolved path of session's APK from user confirmation intent - platform/frameworks/base

diff options

author	Sumedh Sen <sumedhsen@google.com>	2023-02-27 11:10:47 -0800
committer	Sumedh Sen <sumedhsen@google.com>	2023-04-20 22:54:58 +0000
commit	724427aac95eb2b1fe7a66374892623db287cbc0 (patch)
tree	320afd50935f37b6d5ab85d776ffb35a77a41c89 /libs/androidfw/StringPool.cpp
parent	6a2dd9b9abadc96d52aec5b17573d099e22c4609 (diff)

Remove the resolved path of session's APK from user confirmation intent

Intent sent to the user for install confirmation includes the resolved path of the session's base apk. A malicious app can modify this path, resulting in the installer activity to show a different app icon and label in the confirmation dialog. To fix this, expose a @hide API for getting the resolved path and permission protect it with a privileged permission. Since @hide API is used, have PackageInstaller app depend on platform_apis Bug: 269728874 Bug: 279028637 Test: Adding a @hide API in UDC. No CTS test required for the API. Performed manual test by installing an apk and verifying UI elements of the installation dialog. Test: Test: atest CtsPackageInstallTestCases:SessionTest (To verify contents of user confirmation intent) Merged-In: Ibe7fe3ab5e74e3e910d9f7bd5b6f3f2e3c0ca658 Change-Id: Ibe7fe3ab5e74e3e910d9f7bd5b6f3f2e3c0ca658 (cherry picked from commit 7623ac966ee0a8fd94925f14527565325ee9dbd8)

Diffstat (limited to 'libs/androidfw/StringPool.cpp')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: