DO NOT MERGE. No direct Uri grants from system. (2dfdf662) · Commits · Android-smartphones / realme / realme 5pro / kaderbava / evolution_frameworks_base

Commit 2dfdf662 authored Nov 21, 2016 by Jeff Sharkey Committed by Jeff Sharkey Feb 02, 2017

DO NOT MERGE. No direct Uri grants from system.

The system should never be extending Uri permission grants from
itself, since it automatically holds all the permissions.  Instead,
the system should always be a mediator between two specific app, and
it should be using startActivityAsCaller() if it needs to extend
permissions.

Blocking at this level fixes an entire class of confused deputy
security issues.

Test: builds, normal intent resolution UI works
Bug: 33019296, 32990341, 32879915, 32879772
Change-Id: Iaa57c393a386d8068e807d0dd0caccc89d8a11db

parent 0a8978f0

Hide whitespace changes

Inline Side-by-side

Please register or to comment