Only return password for account session flow if the caller is signed

with system key and have get_password permission. Bug: 30455516 Change-Id: I78484c59e4de1dff685ab91a0a8e7a756fffd9bf
2016-07-29 14:29:54 -07:00
parent b74a6f60d1
commit 9342e137c6
2 changed files with 6 additions and 10 deletions
--- a/core/java/android/accounts/AccountManager.java
+++ b/core/java/android/accounts/AccountManager.java
@@ -2676,8 +2676,6 @@ public class AccountManager {
     *         <ul>
     *         <li>{@link #KEY_ACCOUNT_SESSION_BUNDLE} - encrypted Bundle for
     *         adding the the to the device later.
-     *         <li>{@link #KEY_PASSWORD} - optional, the password or password
-     *         hash of the account.
     *         <li>{@link #KEY_ACCOUNT_STATUS_TOKEN} - optional, token to check
     *         status of the account
     *         </ul>
@@ -2765,8 +2763,6 @@ public class AccountManager {
     *         <ul>
     *         <li>{@link #KEY_ACCOUNT_SESSION_BUNDLE} - encrypted Bundle for
     *         updating the local credentials on device later.
-     *         <li>{@link #KEY_PASSWORD} - optional, the password or password
-     *         hash of the account
     *         <li>{@link #KEY_ACCOUNT_STATUS_TOKEN} - optional, token to check
     *         status of the account
     *         </ul>
--- a/services/core/java/com/android/server/accounts/AccountManagerService.java
+++ b/services/core/java/com/android/server/accounts/AccountManagerService.java
@@ -2685,10 +2685,9 @@ public class AccountManagerService
        boolean isPasswordForwardingAllowed = isPermitted(
                callerPkg, uid, Manifest.permission.GET_PASSWORD);

-        int usrId = UserHandle.getCallingUserId();
        long identityToken = clearCallingIdentity();
        try {
-            UserAccounts accounts = getUserAccounts(usrId);
+            UserAccounts accounts = getUserAccounts(userId);
            logRecordWithUid(accounts, DebugDbHelper.ACTION_CALLED_START_ACCOUNT_ADD,
                    TABLE_ACCOUNTS, uid);
            new StartAccountSession(
@@ -2749,10 +2748,6 @@ public class AccountManagerService
                checkKeyIntent(
                        Binder.getCallingUid(),
                        intent);
-                // Omit passwords if the caller isn't permitted to see them.
-                if (!mIsPasswordForwardingAllowed) {
-                    result.remove(AccountManager.KEY_PASSWORD);
-                }
            }
            IAccountManagerResponse response;
            if (mExpectActivityLaunch && result != null
@@ -2782,6 +2777,11 @@ public class AccountManagerService
                return;
            }

+            // Omit passwords if the caller isn't permitted to see them.
+            if (!mIsPasswordForwardingAllowed) {
+                result.remove(AccountManager.KEY_PASSWORD);
+            }
+
            // Strip auth token from result.
            result.remove(AccountManager.KEY_AUTHTOKEN);