Fix issue #16013164: Externally Reported Moderate:
AppOpsService.setMode() allows setting mode for own uid without permission
Change-Id: Ic60a10f0e95f19658c61567826dff28b657efe73
diff --git a/services/core/java/com/android/server/AppOpsService.java b/services/core/java/com/android/server/AppOpsService.java
index bfa0402..176ba5d 100644
--- a/services/core/java/com/android/server/AppOpsService.java
+++ b/services/core/java/com/android/server/AppOpsService.java
@@ -368,7 +368,11 @@
@Override
public void setMode(int code, int uid, String packageName, int mode) {
- verifyIncomingUid(uid);
+ if (Binder.getCallingPid() == Process.myPid()) {
+ return;
+ }
+ mContext.enforcePermission(android.Manifest.permission.UPDATE_APP_OPS_STATS,
+ Binder.getCallingPid(), Binder.getCallingUid(), null);
verifyIncomingOp(code);
ArrayList<Callback> repCbs = null;
code = AppOpsManager.opToSwitch(code);