diff --git a/core/java/android/app/admin/DevicePolicyManager.java b/core/java/android/app/admin/DevicePolicyManager.java index a939eb046e11f..7855b927d313b 100644 --- a/core/java/android/app/admin/DevicePolicyManager.java +++ b/core/java/android/app/admin/DevicePolicyManager.java @@ -1518,7 +1518,8 @@ public class DevicePolicyManager { * Service action: Action for a service that device owner and profile owner can optionally * own. If a device owner or a profile owner has such a service, the system tries to keep * a bound connection to it, in order to keep their process always running. - * The service must not be exported. + * The service must be protected with the {@link android.Manifest.permission#BIND_DEVICE_ADMIN} + * permission. */ @SdkConstant(SdkConstantType.SERVICE_ACTION) public static final String ACTION_DEVICE_ADMIN_SERVICE diff --git a/services/devicepolicy/java/com/android/server/devicepolicy/DeviceAdminServiceController.java b/services/devicepolicy/java/com/android/server/devicepolicy/DeviceAdminServiceController.java index 97fa9d552142a..c7b8f029e4fc6 100644 --- a/services/devicepolicy/java/com/android/server/devicepolicy/DeviceAdminServiceController.java +++ b/services/devicepolicy/java/com/android/server/devicepolicy/DeviceAdminServiceController.java @@ -15,6 +15,7 @@ */ package com.android.server.devicepolicy; +import android.Manifest.permission; import android.annotation.NonNull; import android.annotation.Nullable; import android.app.admin.DevicePolicyManager; @@ -115,10 +116,12 @@ public class DeviceAdminServiceController { return null; } final ServiceInfo si = list.get(0).serviceInfo; - if (si.exported) { - Log.e(TAG, "DeviceAdminService must not be exported: '" + + if (!permission.BIND_DEVICE_ADMIN.equals(si.permission)) { + Log.e(TAG, "DeviceAdminService " + si.getComponentName().flattenToShortString() - + "' will be ignored."); + + " must be protected with " + permission.BIND_DEVICE_ADMIN + + "."); return null; } return si;