Skip to content
Commit 95ca86f4 authored by kumarashishg's avatar kumarashishg Committed by Ashish Kumar Gupta
Browse files

Resolve custom printer icon boundary exploit.

Because Settings grants the INTERACT_ACROSS_USERS_FULL permission, an exploit is possible where the third party print plugin service can pass other's User Icon URI. This CL provides a lightweight solution for parsing the image URI to detect profile exploitation.

Bug: 281525042
Test: Build and flash the code. Try to reproduce the issue with
mentioned steps in the bug

Change-Id: Iaaa6fe2a627a265c4d1d7b843a033a132e1fe2ce
Merged-In: Iaaa6fe2a627a265c4d1d7b843a033a132e1fe2ce
parent 2427c53a
Loading
Loading
Loading
Loading
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment