Only return password for account session flow if the caller is signed with system key and have get_password permission.

am: 9342e137c6 Change-Id: I10134040a7596000e768433943979c9af790e582
2016-09-14 23:23:05 +00:00
parent e0d523428f 9342e137c6
commit 57e38003e8
2 changed files with 6 additions and 10 deletions
--- a/core/java/android/accounts/AccountManager.java
+++ b/core/java/android/accounts/AccountManager.java
@@ -2680,8 +2680,6 @@ public class AccountManager {
     *         <ul>
     *         <li>{@link #KEY_ACCOUNT_SESSION_BUNDLE} - encrypted Bundle for
     *         adding the the to the device later.
-     *         <li>{@link #KEY_PASSWORD} - optional, the password or password
-     *         hash of the account.
     *         <li>{@link #KEY_ACCOUNT_STATUS_TOKEN} - optional, token to check
     *         status of the account
     *         </ul>
@@ -2769,8 +2767,6 @@ public class AccountManager {
     *         <ul>
     *         <li>{@link #KEY_ACCOUNT_SESSION_BUNDLE} - encrypted Bundle for
     *         updating the local credentials on device later.
-     *         <li>{@link #KEY_PASSWORD} - optional, the password or password
-     *         hash of the account
     *         <li>{@link #KEY_ACCOUNT_STATUS_TOKEN} - optional, token to check
     *         status of the account
     *         </ul>
--- a/services/core/java/com/android/server/accounts/AccountManagerService.java
+++ b/services/core/java/com/android/server/accounts/AccountManagerService.java
@@ -2685,10 +2685,9 @@ public class AccountManagerService
        boolean isPasswordForwardingAllowed = isPermitted(
                callerPkg, uid, Manifest.permission.GET_PASSWORD);

-        int usrId = UserHandle.getCallingUserId();
        long identityToken = clearCallingIdentity();
        try {
-            UserAccounts accounts = getUserAccounts(usrId);
+            UserAccounts accounts = getUserAccounts(userId);
            logRecordWithUid(accounts, DebugDbHelper.ACTION_CALLED_START_ACCOUNT_ADD,
                    TABLE_ACCOUNTS, uid);
            new StartAccountSession(
@@ -2749,10 +2748,6 @@ public class AccountManagerService
                checkKeyIntent(
                        Binder.getCallingUid(),
                        intent);
-                // Omit passwords if the caller isn't permitted to see them.
-                if (!mIsPasswordForwardingAllowed) {
-                    result.remove(AccountManager.KEY_PASSWORD);
-                }
            }
            IAccountManagerResponse response;
            if (mExpectActivityLaunch && result != null
@@ -2782,6 +2777,11 @@ public class AccountManagerService
                return;
            }

+            // Omit passwords if the caller isn't permitted to see them.
+            if (!mIsPasswordForwardingAllowed) {
+                result.remove(AccountManager.KEY_PASSWORD);
+            }
+
            // Strip auth token from result.
            result.remove(AccountManager.KEY_AUTHTOKEN);