author | Raman Tenneti <rtenneti@google.com> | 2019-09-16 15:22:08 -0700 |
---|---|---|
committer | Vasyl Gello <vasek.gello@gmail.com> | 2019-12-03 08:58:37 +0000 |
commit | 71e9f931f0b06e9df5886d31de6eef913ade6971 (patch) | |
tree | 0e8f969dd4df32c32320b765d2bacc1e6dd18ea0 | |
parent | b0c2492c976de0642b4be68868bcf9292945125e (diff) | |
AOSP/Email - Secure UPDATE_WIDGET receiver with a new permission
The update methods send a broadcast with the account name, the folder, etc.
This implicitly bypasses the GET_ACCOUNT permission if a third-party
application listens to this broadcast.
- Introduce a new app permission
  com.android.email.permission.GET_WIDGET_UPDATE
- Now the com.android.email.permission.GET_WIDGET_UPDATE is required to
  receive the emitted broadcast
- Add this permission to our existing widgets.
Ported changes from cr/106302205
- added uses-permission GET_WIDGET_UPDATE, so Gmail app has the permission to receive the intent
Bug: 139803872
Test: manual - Ran the following tests on Pixel phone. Tested the email UI.
$ make -j 40
$ make Email -j
$ make EmailTests -j
-rw-r--r-- 1 rtenneti primarygroup 6356400 Sep 16 14:10 out/target/product/marlin/testcases/Email/arm64/Email.apk
-rw-r--r-- 1 rtenneti primarygroup 389599 Sep 16 14:18 out/target/product/marlin/testcases/EmailTests/arm64/EmailTests.apk
$ adb install -r -d -g out/target/product/marlin/testcases/Email/arm64/Email.apk
$ adb install -r -d -g out/target/product/marlin/testcases/EmailTests/arm64/EmailTests.apk
$ adb shell am instrument -w com.android.email.tests
Time: 34.746
OK (157 tests)
$ atest EmailTests
Summary
-------
EmailTests: Passed: 157, Failed: 0, Ignored: 0, Assumption Failed: 0
All tests passed!
$ adb install ../security_attack/bug_139803872/poc.apk
Captured the logcat output at rtenneti's x20web logcat.out.0916.1503
while reproducing the steps in b/139803872#comment3
Change-Id: I6eea128c20b555b38d325e3706473bb18080bedd
Merged-In: I6eea128c20b555b38d325e3706473bb18080bedd
(cherry picked from commit d1be7a4fbe555a00d2c7f494e7ab5cc7a442ac87)
-rwxr-xr-x | AndroidManifest.xml | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/AndroidManifest.xml b/AndroidManifest.xml index 67cf0e9a4..398ed3fce 100755 --- a/AndroidManifest.xml +++ b/AndroidManifest.xml @@ -66,6 +66,14 @@ <uses-permission android:name="android.permission.USE_CREDENTIALS"/> + <!-- Permission to get widget updates. The associated broadcast gives the + account and the characteristics of the folder. --> + <permission + android:name="com.android.email.permission.GET_WIDGET_UPDATE" + android:protectionLevel="signature" + android:label="@string/permission_update_widget_label" + android:description="@string/permission_update_widget_desc"/> + <!-- Grant permission to system apps to access provider (see provider below) --> <permission android:name="com.android.email.permission.ACCESS_PROVIDER" |
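Review bot: The new `<permission>` element in the @@ -66,6 +66,14 @@ hunk only declares com.android.email.permission.GET_WIDGET_UPDATE; nothing in this change (1 file, 8 insertions) enforces it. The commit message says the permission is now required to receive the broadcast and that a uses-permission was added, but neither a `<uses-permission android:name="com.android.email.permission.GET_WIDGET_UPDATE"/>` entry nor a sender-side change, such as passing the permission as the receiverPermission argument of sendBroadcast(intent, receiverPermission), appears in this diff. Please confirm those changes land together with this one; a declaration on its own leaves the broadcast deliverable to any listener. Two smaller points: android:label and android:description reference @string/permission_update_widget_label and @string/permission_update_widget_desc while no resource file is touched here, so check that both strings already exist; and with android:protectionLevel="signature" only packages signed with the same certificate as the declaring app are granted the permission, which is worth stating in the XML comment so that a receiver signed with a different key is not expected to get widget updates.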