Skip to content
Commit e4e9d1f9 authored by Lorenzo Colitti's avatar Lorenzo Colitti
Browse files

Disallow NetworkAgents from changing the owner UID. 

The current behaviour with regards to changing the owner UID is
bizarre and arguably incorrect. A NetworkAgent can change the
owner to whatever other app it wants, regardless of signatures,
at any time. This includes, for example, transferring ownership
to another UID and then recovering it.

Fortunately no existing NetworkAgent appears to do this:
- ClientModeImpl sets it to the UID of the app that created the
  configuration. It doesn't look like it can change while the
  network is connected.
- Vpn sets it to the UID of the VPN owner. That also can't change.
- Telephony does not appear to set it at all, it only sets the
  administrator UIDs (and updates them whenever it gets
  EVENT_CARRIER_PRIVILEGED_UIDS_CHANGED).

Disallow this now before code is written that depends on it.

Bug: 175188445
Test: modified tests in ConnectivityServiceTest
Change-Id: I638e29fda2481ec3bf4fff562ea66a73322881df
parent 039ed698
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment