Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 47d2c97e7084a676fe2b4d96683912279046b28c^1..47d2c97e7084a676fe2b4d96683912279046b28c / .
commit47d2c97e7084a676fe2b4d96683912279046b28c[log] [tgz]
authorJeff Sharkey <jsharkey@android.com>Fri Nov 14 19:33:49 2014 +0000
committerAndroid Git Automerger <android-git-automerger@android.com>Fri Nov 14 19:33:49 2014 +0000
tree9d1cedc32c5eb98d599ddbe82364af2057e7ce19
parent55c741a7360fcf66fb295b127a48feb73cab97f6 [diff]
parent27936ad3a677509fab1174c7b6655c894f018143 [diff]
am 27936ad3: Merge "Block loading WebView in privileged processes." into lmp-mr1-dev

* commit '27936ad3a677509fab1174c7b6655c894f018143':
  Block loading WebView in privileged processes.

diff --git a/core/java/android/webkit/WebViewFactory.java b/core/java/android/webkit/WebViewFactory.java
index 7b23d8f..474ef42 100644
--- a/core/java/android/webkit/WebViewFactory.java
+++ b/core/java/android/webkit/WebViewFactory.java

@@ -18,8 +18,8 @@
 
 import android.annotation.SystemApi;
 import android.app.ActivityManagerInternal;
-import android.app.Application;
 import android.app.AppGlobals;
+import android.app.Application;
 import android.content.Context;
 import android.content.pm.ApplicationInfo;
 import android.content.pm.PackageInfo;
@@ -34,14 +34,14 @@
 import android.text.TextUtils;
 import android.util.AndroidRuntimeException;
 import android.util.Log;
+
 import com.android.server.LocalServices;
+
 import dalvik.system.VMRuntime;
 
 import java.io.File;
 import java.util.Arrays;
 
-import com.android.internal.os.Zygote;
-
 /**
  * Top level factory, used creating all the main WebView implementation classes.
  *
@@ -91,6 +91,12 @@
             // us honest and minimize usage of WebView internals when binding the proxy.
             if (sProviderInstance != null) return sProviderInstance;
 
+            final int uid = android.os.Process.myUid();
+            if (uid == android.os.Process.ROOT_UID || uid == android.os.Process.SYSTEM_UID) {
+                throw new UnsupportedOperationException(
+                        "For security reasons, WebView is not allowed in privileged processes");
+            }
+
             Trace.traceBegin(Trace.TRACE_TAG_WEBVIEW, "WebViewFactory.getProvider()");
             try {
                 Trace.traceBegin(Trace.TRACE_TAG_WEBVIEW, "WebViewFactory.loadNativeLibrary()");