Skip to content
Commit 0e0693ca authored by kumarashishg's avatar kumarashishg Committed by Ashish Kumar Gupta
Browse files

Resolve custom printer icon boundary exploit. 

Because Settings grants the INTERACT_ACROSS_USERS_FULL permission, an exploit is possible where the third party print plugin service can pass other's User Icon URI. This CL provides a lightweight solution for parsing the image URI to detect profile exploitation.

Bug: 281525042
Test: Build and flash the code. Try to reproduce the issue with
mentioned steps in the bug

Change-Id: Iaaa6fe2a627a265c4d1d7b843a033a132e1fe2ce
Merged-In: Iaaa6fe2a627a265c4d1d7b843a033a132e1fe2ce
parent e6f43265
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment