Merge "Package checks for resloving recovery tokens should be user sensitive." into klp-dev

2013-10-15 01:45:45 +00:00
parent cf8a6ca9aa 416747aea1
commit cdb9ea79a5
1 changed files with 13 additions and 8 deletions
--- a/services/java/com/android/server/accounts/AccountManagerService.java
+++ b/services/java/com/android/server/accounts/AccountManagerService.java
@@ -2167,15 +2167,20 @@ public class AccountManagerService
                 * this can be very bad when those apps are in the system like
                 * the System Settings.
                 */
-                PackageManager pm = mContext.getPackageManager();
-                ResolveInfo resolveInfo = pm.resolveActivity(intent, 0);
-                int targetUid = resolveInfo.activityInfo.applicationInfo.uid;
                int authenticatorUid = Binder.getCallingUid();
-                if (PackageManager.SIGNATURE_MATCH !=
-                        pm.checkSignatures(authenticatorUid, targetUid)) {
-                    throw new SecurityException(
-                            "Activity to be started with KEY_INTENT must " +
-                            "share Authenticator's signatures");
+                long bid = Binder.clearCallingIdentity();
+                try {
+                    PackageManager pm = mContext.getPackageManager();
+                    ResolveInfo resolveInfo = pm.resolveActivityAsUser(intent, 0, mAccounts.userId);
+                    int targetUid = resolveInfo.activityInfo.applicationInfo.uid;
+                    if (PackageManager.SIGNATURE_MATCH !=
+                            pm.checkSignatures(authenticatorUid, targetUid)) {
+                        throw new SecurityException(
+                                "Activity to be started with KEY_INTENT must " +
+                               "share Authenticator's signatures");
+                    }
+                } finally {
+                    Binder.restoreCallingIdentity(bid);
                }
            }
            if (result != null