Merge "Lock down access to getProfiles for 3P apps" into nyc-dev
diff --git a/services/core/java/com/android/server/pm/UserManagerService.java b/services/core/java/com/android/server/pm/UserManagerService.java
index 06a91fb..60a0d62 100644
--- a/services/core/java/com/android/server/pm/UserManagerService.java
+++ b/services/core/java/com/android/server/pm/UserManagerService.java
@@ -467,13 +467,16 @@
@Override
public List<UserInfo> getProfiles(int userId, boolean enabledOnly) {
+ boolean returnFullInfo = true;
if (userId != UserHandle.getCallingUserId()) {
checkManageUsersPermission("getting profiles related to user " + userId);
+ } else {
+ returnFullInfo = hasManageUsersPermission();
}
final long ident = Binder.clearCallingIdentity();
try {
synchronized (mUsersLock) {
- return getProfilesLU(userId, enabledOnly);
+ return getProfilesLU(userId, enabledOnly, returnFullInfo);
}
} finally {
Binder.restoreCallingIdentity(ident);
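Review bot: `boolean returnFullInfo = true;` at the top of getProfiles makes full disclosure the default, so a branch added later that forgets to assign the flag would return names and icon paths unredacted. Declaring it as `final boolean returnFullInfo;` and assigning `returnFullInfo = true;` right after `checkManageUsersPermission(...)` in the cross-user branch lets the compiler reject any path that skips the decision. The `hasManageUsersPermission()` call sits before `Binder.clearCallingIdentity()`, which looks deliberate. A comment such as `// must run before clearCallingIdentity(): checks the caller, not system_server` would keep it from being moved into the try block, where it would presumably evaluate the server's own identity. The end of the method lies outside this hunk.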
@@ -481,7 +484,7 @@
}
/** Assume permissions already checked and caller's identity cleared */
- private List<UserInfo> getProfilesLU(int userId, boolean enabledOnly) {
+ private List<UserInfo> getProfilesLU(int userId, boolean enabledOnly, boolean fullInfo) {
UserInfo user = getUserInfoLU(userId);
ArrayList<UserInfo> users = new ArrayList<UserInfo>(mUsers.size());
if (user == null) {
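Review bot: The doc comment above getProfilesLU still states only the old contract and says nothing about what the new `fullInfo` parameter controls. Suggest extending it, for example `/** Assume permissions already checked and caller's identity cleared. If fullInfo is false, name and iconPath are cleared on the returned entries. */`. Since the flag decides whether PII is returned, any other call site of getProfilesLU (none are visible in this diff) should pass it based on an explicit permission check rather than a literal `true`. The method body continues outside this hunk.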
@@ -503,7 +506,14 @@
if (profile.partial) {
continue;
}
- users.add(userWithName(profile));
+ UserInfo userInfo = userWithName(profile);
+ // If full info is not required - clear PII data to prevent 3P apps from reading it
+ if (!fullInfo) {
+ userInfo = new UserInfo(userInfo);
+ userInfo.name = null;
+ userInfo.iconPath = null;
+ }
+ users.add(userInfo);
}
return users;
}
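Review bot: The `!fullInfo` branch redacts by clearing two named fields on a full copy, so every other UserInfo field, and any field added to UserInfo later, is returned by default to callers that fail `hasManageUsersPermission()`. Moving this into one helper that builds the reduced object would put the set of fields exposed to unprivileged callers in a single place, to be revisited whenever UserInfo changes. The copy via `new UserInfo(userInfo)` before the assignments matters if `userWithName()` can return the shared instance held in mUsers, which is not visible here. A comment such as `// copy first so the cached UserInfo is never mutated` would record that intent. The loop and the start of the method are outside this hunk.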