Merge "Lock down access to getProfiles for 3P apps" into nyc-dev

am: d67ac0a

* commit 'd67ac0a9060468973157d76cac01cf35fa722527':
  Lock down access to getProfiles for 3P apps

Change-Id: Iecf9c66410656cf9af42f35a78f0a0339db981f9
Fyodor Kupolov
2016-04-07 17:56:34 +00:00
committed by android-build-merger


@@ -467,13 +467,16 @@ public class UserManagerService extends IUserManager.Stub {
@Override
public List<UserInfo> getProfiles(int userId, boolean enabledOnly) {
boolean returnFullInfo = true;
if (userId != UserHandle.getCallingUserId()) {
checkManageUsersPermission("getting profiles related to user " + userId);
} else {
returnFullInfo = hasManageUsersPermission();
}
final long ident = Binder.clearCallingIdentity();
try {
synchronized (mUsersLock) {
return getProfilesLU(userId, enabledOnly);
return getProfilesLU(userId, enabledOnly, returnFullInfo);
}
} finally {
Binder.restoreCallingIdentity(ident);
@@ -481,7 +484,7 @@ public class UserManagerService extends IUserManager.Stub {
}
/** Assume permissions already checked and caller's identity cleared */
private List<UserInfo> getProfilesLU(int userId, boolean enabledOnly) {
private List<UserInfo> getProfilesLU(int userId, boolean enabledOnly, boolean fullInfo) {
UserInfo user = getUserInfoLU(userId);
ArrayList<UserInfo> users = new ArrayList<UserInfo>(mUsers.size());
if (user == null) {
@@ -503,7 +506,14 @@ public class UserManagerService extends IUserManager.Stub {
if (profile.partial) {
continue;
}
users.add(userWithName(profile));
UserInfo userInfo = userWithName(profile);
// If full info is not required - clear PII data to prevent 3P apps from reading it
if (!fullInfo) {
userInfo = new UserInfo(userInfo);
userInfo.name = null;
userInfo.iconPath = null;
}
users.add(userInfo);
}
return users;
}
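Review bot: The `!fullInfo` branch in getProfilesLU redacts by deny-list: it nulls only `name` and `iconPath` on the copy, so every other field of UserInfo, and any field added to it later, is still returned to a same-user caller that lacks the manage-users permission. If that is intended, say so at the branch, e.g. `// Only name and iconPath are treated as PII; revisit this list whenever UserInfo gains a field`, or build the reduced object from an explicit allow-list of fields instead. The Javadoc on getProfilesLU still says only "Assume permissions already checked"; it should state that `fullInfo == false` means the caller did not pass the manage-users check and receives redacted entries. The loop this branch sits in starts outside the visible hunk, so whether every path that adds to `users` applies the same redaction cannot be confirmed from here.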