Fix issue #16013164: Externally Reported Moderate: AppOpsService.setMode() allows setting mode for own uid without permission Change-Id: Ic60a10f0e95f19658c61567826dff28b657efe73

commit: 133b9df951c633a1f72b7e12f8aa9ee9d7da9db6 [log] [tgz]
author: Dianne Hackborn <hackbod@google.com> Tue Jul 01 13:06:10 2014 -0700
committer: Dianne Hackborn <hackbod@google.com> Tue Jul 01 16:34:48 2014 -0700
tree: 2766d84bdc757df55bdb9dc1d13b300f85066ef8
parent: b6efe90b387e8b7bb5bf88257619e043f66e7f11 [diff] [blame]
diff --git a/services/core/java/com/android/server/AppOpsService.java b/services/core/java/com/android/server/AppOpsService.java
index bfa0402..176ba5d 100644
--- a/services/core/java/com/android/server/AppOpsService.java
+++ b/services/core/java/com/android/server/AppOpsService.java

@@ -368,7 +368,11 @@
 
     @Override
     public void setMode(int code, int uid, String packageName, int mode) {
-        verifyIncomingUid(uid);
+        if (Binder.getCallingPid() == Process.myPid()) {
+            return;
+        }
+        mContext.enforcePermission(android.Manifest.permission.UPDATE_APP_OPS_STATS,
+                Binder.getCallingPid(), Binder.getCallingUid(), null);
         verifyIncomingOp(code);
         ArrayList<Callback> repCbs = null;
         code = AppOpsManager.opToSwitch(code);
commit	133b9df951c633a1f72b7e12f8aa9ee9d7da9db6	[log] [tgz]
author	Dianne Hackborn <hackbod@google.com>	Tue Jul 01 13:06:10 2014 -0700
committer	Dianne Hackborn <hackbod@google.com>	Tue Jul 01 16:34:48 2014 -0700
tree	2766d84bdc757df55bdb9dc1d13b300f85066ef8
parent	b6efe90b387e8b7bb5bf88257619e043f66e7f11 [diff] [blame]