commit e13e48d6fc98d8fdf3b366f1f4eb5086b240df6d
author Kenny Root <kroot@google.com> Tue Aug 09 13:58:26 2011 -0700
committer Android (Google) Code Review <android-gerrit@google.com> Tue Aug 09 13:58:26 2011 -0700
tree f520e0b7bb9ddc507f1c3821f6acca49a16767f1
parent 61ccc6a203e1b0fb235a4eed2b40e0c080f57f0c
parent 461ff1f03c803a9a0a01f6a834101f811ea85c61

Merge "Add security checks for new API"

services/java/com/android/server/pm/PackageManagerService.java

diff --git a/services/java/com/android/server/pm/PackageManagerService.java b/services/java/com/android/server/pm/PackageManagerService.java
index 463f801..6ddd7bf 100644
--- a/services/java/com/android/server/pm/PackageManagerService.java
+++ b/services/java/com/android/server/pm/PackageManagerService.java
@@ -2814,7 +2814,23 @@
         return true;
     }
 
+    /**
+     * Enforces that only the system UID or root's UID can call a method exposed
+     * via Binder.
+     *
+     * @param message used as message if SecurityException is thrown
+     * @throws SecurityException if the caller is not system or root
+     */
+    private static final void enforceSystemOrRoot(String message) {
+        final int uid = Binder.getCallingUid();
+        if (uid != Process.SYSTEM_UID && uid != 0) {
+            throw new SecurityException(message);
+        }
+    }
+
     public boolean performDexOpt(String packageName) {
+        enforceSystemOrRoot("Only the system can request dexopt be performed");
+
         if (!mNoDexOpt) {
             return false;
         }
@@ -4687,8 +4703,13 @@
     }
 
     public void finishPackageInstall(int token) {
-        if (DEBUG_INSTALL) Log.v(TAG, "BM finishing package install for " + token);
-        Message msg = mHandler.obtainMessage(POST_INSTALL, token, 0);
+        enforceSystemOrRoot("Only the system is allowed to finish installs");
+
+        if (DEBUG_INSTALL) {
+            Slog.v(TAG, "BM finishing package install for " + token);
+        }
+
+        final Message msg = mHandler.obtainMessage(POST_INSTALL, token, 0);
         mHandler.sendMessage(msg);
     }
 
@@ -7184,6 +7205,8 @@
     }
 
     public void enterSafeMode() {
+        enforceSystemOrRoot("Only the system can request entering safe mode");
+
         if (!mSystemReady) {
             mSafeMode = true;
         }
@@ -8086,12 +8109,18 @@
     }
 
     public UserInfo createUser(String name, int flags) {
+        // TODO(kroot): Add a real permission for creating users
+        enforceSystemOrRoot("Only the system can create users");
+
         // TODO(kroot): fix this API
         UserInfo userInfo = mUserManager.createUser(name, flags, new ArrayList<ApplicationInfo>());
         return userInfo;
     }
 
     public boolean removeUser(int userId) {
+        // TODO(kroot): Add a real permission for removing users
+        enforceSystemOrRoot("Only the system can remove users");
+
         if (userId == 0) {
             return false;
         }