From 8d0547c39aac7d4fdf676a5af4e0965944e334da Mon Sep 17 00:00:00 2001 From: Matt Walliser Date: Thu, 23 Feb 2023 22:50:07 +0000 Subject: Change SharedConnectivityService's permission check to use checkCallingOrSelfPermission Bug: 270611789 Test: "atest android.net.wifi.sharedconnectivity.cts.SharedConnectivityTest" Change-Id: Ieed967b35a7de4d73190a849796853e18d0c0cb1 --- .../service/SharedConnectivityService.java | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) (limited to 'wifi/java/src') diff --git a/wifi/java/src/android/net/wifi/sharedconnectivity/service/SharedConnectivityService.java b/wifi/java/src/android/net/wifi/sharedconnectivity/service/SharedConnectivityService.java index ff7246f46859..b751f1eaa40e 100644 --- a/wifi/java/src/android/net/wifi/sharedconnectivity/service/SharedConnectivityService.java +++ b/wifi/java/src/android/net/wifi/sharedconnectivity/service/SharedConnectivityService.java @@ -130,10 +130,17 @@ public abstract class SharedConnectivityService extends Service { @RequiresPermission(anyOf = {android.Manifest.permission.NETWORK_SETTINGS, android.Manifest.permission.NETWORK_SETUP_WIZARD}) + /** + * checkPermissions is using checkCallingOrSelfPermission to support CTS testing of this + * service. This does allow a process to bind to itself if it holds the proper + * permission. We do not consider this to be an issue given that the process can already + * access the service data since they are in the same process. + */ private void checkPermissions() { - if (checkCallingPermission(NETWORK_SETTINGS) != PackageManager.PERMISSION_GRANTED - && checkCallingPermission(NETWORK_SETUP_WIZARD) - != PackageManager.PERMISSION_GRANTED) { + if (checkCallingOrSelfPermission(NETWORK_SETTINGS) + != PackageManager.PERMISSION_GRANTED + && checkCallingOrSelfPermission(NETWORK_SETUP_WIZARD) + != PackageManager.PERMISSION_GRANTED) { throw new SecurityException("Calling process must have NETWORK_SETTINGS or" + " NETWORK_SETUP_WIZARD permission"); } -- cgit v1.2.3-59-g8ed1b