From 2baf6dcfcf7fc1705db25e64dc0cb11fa3509d39 Mon Sep 17 00:00:00 2001 From: Christopher Tate Date: Mon, 6 May 2013 13:07:05 -0700 Subject: [PATCH] Ensure install-during-restore is like install-then-restore When we've installed an apk from the archive, recheck whether to apply the system-uid policy restrictions around file system restores. Bug 8833099 Change-Id: Ifa1b5877673a0d6ca6acf94e60f314fd0dda008c --- .../java/com/android/server/BackupManagerService.java | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/services/java/com/android/server/BackupManagerService.java b/services/java/com/android/server/BackupManagerService.java index 2a3c87e4ff6f1..a537e99dfa983 100644 --- a/services/java/com/android/server/BackupManagerService.java +++ b/services/java/com/android/server/BackupManagerService.java @@ -3735,7 +3735,16 @@ class BackupManagerService extends IBackupManager.Stub { } else { // So far so good -- do the signatures match the manifest? Signature[] sigs = mManifestSignatures.get(info.packageName); - if (!signaturesMatch(sigs, pkg)) { + if (signaturesMatch(sigs, pkg)) { + // If this is a system-uid app without a declared backup agent, + // don't restore any of the file data. + if ((pkg.applicationInfo.uid < Process.FIRST_APPLICATION_UID) + && (pkg.applicationInfo.backupAgentName == null)) { + Slog.w(TAG, "Installed app " + info.packageName + + " has restricted uid and no agent"); + okay = false; + } + } else { Slog.w(TAG, "Installed app " + info.packageName + " signatures do not match restore manifest"); okay = false;