Only return password for account session flow if the caller is signed with system key and have get_password permission. am: 9342e137c6

am: 8b75ebf0bb Change-Id: I95794bb5269c849fe740576a344e43da4306ac56
2016-09-14 23:32:29 +00:00
parent 6618428306 8b75ebf0bb
commit adc906206a
2 changed files with 6 additions and 10 deletions
--- a/core/java/android/accounts/AccountManager.java
+++ b/core/java/android/accounts/AccountManager.java
@@ -2703,8 +2703,6 @@ public class AccountManager {
     *         <ul>
     *         <li>{@link #KEY_ACCOUNT_SESSION_BUNDLE} - encrypted Bundle for
     *         adding the the to the device later.
-     *         <li>{@link #KEY_PASSWORD} - optional, the password or password
-     *         hash of the account.
     *         <li>{@link #KEY_ACCOUNT_STATUS_TOKEN} - optional, token to check
     *         status of the account
     *         </ul>
@@ -2792,8 +2790,6 @@ public class AccountManager {
     *         <ul>
     *         <li>{@link #KEY_ACCOUNT_SESSION_BUNDLE} - encrypted Bundle for
     *         updating the local credentials on device later.
-     *         <li>{@link #KEY_PASSWORD} - optional, the password or password
-     *         hash of the account
     *         <li>{@link #KEY_ACCOUNT_STATUS_TOKEN} - optional, token to check
     *         status of the account
     *         </ul>
--- a/services/core/java/com/android/server/accounts/AccountManagerService.java
+++ b/services/core/java/com/android/server/accounts/AccountManagerService.java
@@ -2852,10 +2852,9 @@ public class AccountManagerService
        boolean isPasswordForwardingAllowed = isPermitted(
                callerPkg, uid, Manifest.permission.GET_PASSWORD);

-        int usrId = UserHandle.getCallingUserId();
        long identityToken = clearCallingIdentity();
        try {
-            UserAccounts accounts = getUserAccounts(usrId);
+            UserAccounts accounts = getUserAccounts(userId);
            logRecordWithUid(accounts, DebugDbHelper.ACTION_CALLED_START_ACCOUNT_ADD,
                    TABLE_ACCOUNTS, uid);
            new StartAccountSession(
@@ -2916,10 +2915,6 @@ public class AccountManagerService
                checkKeyIntent(
                        Binder.getCallingUid(),
                        intent);
-                // Omit passwords if the caller isn't permitted to see them.
-                if (!mIsPasswordForwardingAllowed) {
-                    result.remove(AccountManager.KEY_PASSWORD);
-                }
            }
            IAccountManagerResponse response;
            if (mExpectActivityLaunch && result != null
@@ -2949,6 +2944,11 @@ public class AccountManagerService
                return;
            }

+            // Omit passwords if the caller isn't permitted to see them.
+            if (!mIsPasswordForwardingAllowed) {
+                result.remove(AccountManager.KEY_PASSWORD);
+            }
+
            // Strip auth token from result.
            result.remove(AccountManager.KEY_AUTHTOKEN);