Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Limit IsSeparateProfileChallengeAllowed to system callers

Browse Source 
am: 1b6301cf24

Change-Id: I1145186590622d415c6c10c4750cf9429806bdbe
This commit is contained in:
Pavel Grafov
2019-04-10 11:47:42 -07:00
committed by android-build-merger
parent f8db29bdf5 1b6301cf24
commit 406229f0c8
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
View File

@@ -3930,6 +3930,9 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
@Override
public boolean isSeparateProfileChallengeAllowed(int userHandle) {
if (!isCallerWithSystemUid()) {
throw new SecurityException("Caller must be system");
}
ComponentName profileOwner = getProfileOwner(userHandle);
// Profile challenge is supported on N or newer release.
return profileOwner != null &&