commit 408abf7f1bec3253675d0225300d7ee39481d286
author Svet Ganov <svetoslavganov@google.com> Tue May 12 19:13:36 2015 -0700
committer Svetoslav <svetoslavganov@google.com> Mon May 18 15:14:24 2015 -0700
tree 53eabf6d9576627fb8afebc3f70c6adfc1745a2a
parent beda8613ad7bc01affa17857faed04d9589db34c

Do not report WiFi and Bluetooth MAC addresses - framework.

As a part of the new runtime permissions work we are limiting
the PII apps can access. BT and WiFi MAC addresses are PII and
based on our research there is no valid use case for app dev
to get these addresses aside of user tracking which we are
trying to limit.

bug:21078858

Change-Id: Ib48223b272c0fd4f5c36acc889d4f44df204b309

core/res/AndroidManifest.xml

diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 608d718..595f9f0 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -898,7 +898,9 @@
         android:label="@string/permlab_changeWimaxState"
         android:protectionLevel="dangerous" />
 
-    <!-- Allows applications to act as network scorers. @hide @SystemApi-->
+    <!--@SystemApi Allows applications to the the local WiFi and Bluetooth MAC address.
+        @hide
+    -->
     <permission android:name="android.permission.SCORE_NETWORKS"
         android:protectionLevel="signature|system" />
 
@@ -2447,6 +2449,10 @@
     <permission android:name="android.permission.KILL_UID"
                 android:protectionLevel="signature" />
 
+    <!-- Allows applications to act as network scorers. @hide @SystemApi-->
+    <permission android:name="android.permission.LOCAL_MAC_ADDRESS"
+                android:protectionLevel="signature" />
+
     <!-- The system process is explicitly the only one allowed to launch the
          confirmation UI for full backup/restore -->
     <uses-permission android:name="android.permission.CONFIRM_FULL_BACKUP"/>