Enforce VPN control "permission" with an actual permission. The current implementation uses a whitelist of package names. Use a system|signature permission instead of rolling our own security and add that permission to the existing set of whitelisted packages (SystemUI and VpnDialogs). In addition to being less of a security risk (using well-known methods like Context.enforceCallingPermission rather than manually querying PackageManager and checking UIDs for package names), this enables other system-privileged apps to control VPN as needed per the below bug. Bug: 18327583 Change-Id: I38617965c40d62cf1ac28e3cb382c0877fb1275d

commit: bc19c181c8c058c824e4fee907a05129e142c388 [log] [tgz]
author: Jeff Davidson <jpd@google.com> Tue Nov 11 13:20:01 2014 -0800
committer: Jeff Davidson <jpd@google.com> Wed Nov 12 08:56:20 2014 -0800
tree: 666427f56a5be8afe891bc975343240f9ffbe654
parent: da772234f6f9498bf02f31448bda16e9fcbd6bd2 [diff] [blame]
diff --git a/packages/SystemUI/AndroidManifest.xml b/packages/SystemUI/AndroidManifest.xml
index b3e60d1..5f024ac 100644
--- a/packages/SystemUI/AndroidManifest.xml
+++ b/packages/SystemUI/AndroidManifest.xml

@@ -55,6 +55,7 @@
     <uses-permission android:name="android.permission.MANAGE_NETWORK_POLICY" />
     <uses-permission android:name="android.permission.CONNECTIVITY_INTERNAL" />
     <uses-permission android:name="android.permission.READ_NETWORK_USAGE_HISTORY" />
+    <uses-permission android:name="android.permission.CONTROL_VPN" />
 
     <!-- Physical hardware -->
     <uses-permission android:name="android.permission.MANAGE_USB" />
commit	bc19c181c8c058c824e4fee907a05129e142c388	[log] [tgz]
author	Jeff Davidson <jpd@google.com>	Tue Nov 11 13:20:01 2014 -0800
committer	Jeff Davidson <jpd@google.com>	Wed Nov 12 08:56:20 2014 -0800
tree	666427f56a5be8afe891bc975343240f9ffbe654
parent	da772234f6f9498bf02f31448bda16e9fcbd6bd2 [diff] [blame]