Grant installer and verifier install permissions robustly
bug:22248271
Change-Id: I3a47ae9a112ba7d88b421fcb5f9651d1168ba7a5
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 8c868c9..e18e44c 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -1327,7 +1327,7 @@
that removes restrictions on where broadcasts can be sent and allows other
types of interactions. -->
<permission android:name="android.permission.INTERACT_ACROSS_USERS_FULL"
- android:protectionLevel="signature" />
+ android:protectionLevel="signature|installer" />
<!-- @SystemApi @hide Allows an application to call APIs that allow it to query and manage
users on the device. This permission is not available to
@@ -1769,7 +1769,7 @@
<!-- @SystemApi Allows an application to update application operation statistics. Not for
use by third party apps. @hide -->
<permission android:name="android.permission.UPDATE_APP_OPS_STATS"
- android:protectionLevel="signature|system" />
+ android:protectionLevel="signature|system|installer" />
<!-- @SystemApi Allows an application to open windows that are for use by parts
of the system user interface.
@@ -2016,7 +2016,7 @@
@hide
-->
<permission android:name="android.permission.CLEAR_APP_USER_DATA"
- android:protectionLevel="signature" />
+ android:protectionLevel="signature|installer" />
<!-- @SystemApi Allows an application to delete cache files.
<p>Not for use by third-party applications. -->
@@ -2041,7 +2041,7 @@
<!-- @hide Allows an application to grant or revoke specific permissions. -->
<permission android:name="android.permission.GRANT_REVOKE_PERMISSIONS"
- android:protectionLevel="signature" />
+ android:protectionLevel="signature|installer" />
<!-- @hide Allows an application to observe permission changes. -->
<permission android:name="android.permission.OBSERVE_GRANT_REVOKE_PERMISSIONS"
@@ -2552,7 +2552,7 @@
<p>Not for use by third-party applications.
@hide -->
<permission android:name="android.permission.KILL_UID"
- android:protectionLevel="signature" />
+ android:protectionLevel="signature|installer" />
<!-- Allows applications to act as network scorers. @hide @SystemApi-->
<permission android:name="android.permission.LOCAL_MAC_ADDRESS"