Relax WiFi cert installation restrictions in HSUM mode

The Settings app runs under the current user, which previously lacked the necessary permissions to install client certificates in HSUM mode. This change allows any admin user to install these certificates. Bug: b/370013519 Flag: EXEMPT bugfix Test: manually installed and removed client certificate for WiFi Change-Id: I57a7364c76a0adb7ed4112e48fb20070ab9d7bff
2024-10-24 12:48:38 +00:00
parent e7ba339a6e
commit 25d8e56c53
2 changed files with 11 additions and 21 deletions
--- a/src/com/android/settings/security/CredentialStorage.java
+++ b/src/com/android/settings/security/CredentialStorage.java
@@ -128,22 +128,12 @@ public final class CredentialStorage extends FragmentActivity {

        final int uid = bundle.getInt(Credentials.EXTRA_INSTALL_AS_UID, KeyProperties.UID_SELF);

-        if (uid != KeyProperties.UID_SELF && !UserHandle.isSameUser(uid, Process.myUid())) {
-            final int dstUserId = UserHandle.getUserId(uid);
-
-            // Restrict install target to the wifi uid.
-            if (uid != Process.WIFI_UID) {
+        if (uid != KeyProperties.UID_SELF && uid != Process.WIFI_UID) {
+            if (!UserHandle.isSameUser(uid, Process.myUid())) {
                Log.e(TAG, "Failed to install credentials as uid " + uid + ": cross-user installs"
                        + " may only target wifi uids");
                return true;
            }
-
-            final Intent installIntent = new Intent(ACTION_INSTALL)
-                    .setPackage(getPackageName())
-                    .setFlags(Intent.FLAG_ACTIVITY_FORWARD_RESULT)
-                    .putExtras(bundle);
-            startActivityAsUser(installIntent, new UserHandle(dstUserId));
-            return true;
        }

        String alias = bundle.getString(Credentials.EXTRA_USER_KEY_ALIAS, null);