From 1292b4a974b321d99bb54d5db8c56c497b46f5b5 Mon Sep 17 00:00:00 2001
From: Chen Xu
Date: Sun, 13 Dec 2020 22:00:18 +0800
Subject: [PATCH] add permission check for exported activity
CaptivePortalLoginActivity is exported without any permission check which has security concerns: The captive portal activity can be tricked into making various carrier calls, including resetAllCarrierActions.
Bug: 160871056
Test: Build
Change-Id: Ib7cc1ba4aca665bc94f8582de6bba7af252c481d
---
 packages/CarrierDefaultApp/AndroidManifest.xml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/packages/CarrierDefaultApp/AndroidManifest.xml b/packages/CarrierDefaultApp/AndroidManifest.xml
index f1165468c0ad3..8081eed8028c4 100644
--- a/packages/CarrierDefaultApp/AndroidManifest.xml
+++ b/packages/CarrierDefaultApp/AndroidManifest.xml
@@ -47,6 +47,7 @@
 android:name="com.android.carrierdefaultapp.CaptivePortalLoginActivity"
 android:label="@string/action_bar_label"
 android:exported="true"
+ android:permission="android.permission.MODIFY_PHONE_STATE"
 android:theme="@style/AppTheme"
 android:configChanges="keyboardHidden|orientation|screenSize">
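Review bot: The activity stays `android:exported="true"`, so the added `android:permission="android.permission.MODIFY_PHONE_STATE"` line is the only gate between other apps and the carrier actions this activity can trigger, and nothing in the manifest records that. If every legitimate launcher is CarrierDefaultApp itself (not visible in this hunk, so verify against the callers), `android:exported="false"` would be the tighter setting. If privileged external callers do exist, keep the attribute and put a comment above the `<activity>` element, for example `<!-- Callers must hold MODIFY_PHONE_STATE: this activity can trigger carrier actions such as resetAllCarrierActions. -->`. The commit lists only `Test: Build`; a regression test asserting that a start from a caller without the permission is rejected with a SecurityException would keep the attribute from being dropped unnoticed later. The `<activity>` element opens before the hunk and continues after it.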