Add update packages permission
This subset of INSTALL_PACKAGES allows a privileged application to
install updates to existing applications but not install new
applications.
When combined with INSTALL_SELF_UPDATES this allows privileged apps to
be granted finely scoped install privileges based on their intended
usage instead of the more broad INSTALL_PACKAGES permission.
Test: WIP
Bug: 68731532
Change-Id: Ifbb6f5a18d9e8ff06270fd79ed031b99242c6fa3
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 6b89489..79fc965 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -2813,6 +2813,14 @@
<permission android:name="android.permission.INSTALL_SELF_UPDATES"
android:protectionLevel="signature|privileged" />
+ <!-- @SystemApi Allows an application to install updates. This is a limited version
+ of {@link android.Manifest.permission#INSTALL_PACKAGES}.
+ <p>Not for use by third-party applications.
+ @hide
+ -->
+ <permission android:name="android.permission.INSTALL_PACKAGE_UPDATES"
+ android:protectionLevel="signature|privileged" />
+
<!-- @SystemApi Allows an application to clear user data.
<p>Not for use by third-party applications
@hide