Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

OP_REQUEST_INSTALL_PACKAGES denied by default

Browse Source 
Some system apps may download unknown content and the user should
be explicitly asked whether they trust these files. System apps should
explicitly use the extra NOT_UNKNOWN_SOURCE to bypass this check.

Test: Builds, boots, existing tests pass:
atest CtsPackageInstallTestCases

Locally verified they pass if CtsPackageInstallTestCases.apk was signed by
the platform cert.

Bug: 123700348
Change-Id: I3028bf8ff3f79a41521deeee43fba3c32bb1b2ca
Merged-In: I2578251906f6656b83464d1c4fc4db99165841c9
This commit is contained in:
Christopher Dombroski
2019-04-16 13:21:39 -07:00
committed by Suprabh Shukla
parent 07a485743a
commit 43e682abef
1 changed files with 2 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
services/core/java/com/android/server/pm/PackageManagerService.java
View File

@@ -25010,11 +25010,9 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName());
}
if (mExternalSourcesPolicy != null) {
int isTrusted = mExternalSourcesPolicy.getPackageTrustedToInstallApps(packageName, uid);
if (isTrusted != PackageManagerInternal.ExternalSourcesPolicy.USER_DEFAULT) {
return isTrusted == PackageManagerInternal.ExternalSourcesPolicy.USER_TRUSTED;
}
return isTrusted == PackageManagerInternal.ExternalSourcesPolicy.USER_TRUSTED;
}
return checkUidPermission(appOpPermission, uid) == PERMISSION_GRANTED;
return false;
}
@Override