Reduction of networkCreateVpn() permission Change permission from CONNECTIVITY_INTERNAL to NETWORK_STACK Test: runtests.sh pass Test: connect vpn, browse website pass Change-Id: I9a7d08e08593dda64e901a369bc6431c977f4904

commit: 87f1ec9b2a71e1b7aa69689aaa832920a94c8009 [log] [tgz]
author: Ken Chen <cken@google.com> Tue Dec 18 20:15:28 2018 +0800
committer: Ken Chen <cken@google.com> Wed Dec 19 11:13:49 2018 +0800
tree: 75553e91928ebceef76f95890240599275b4929f
parent: 67cd14ce46a4ff740d42aa444bc4e69215fe8d99 [diff] [blame]
diff --git a/server/NetdNativeService.cpp b/server/NetdNativeService.cpp
index f9a83e4..f9416ec 100644
--- a/server/NetdNativeService.cpp
+++ b/server/NetdNativeService.cpp

@@ -350,7 +350,7 @@
 }
 
 binder::Status NetdNativeService::networkCreateVpn(int32_t netId, bool secure) {
-    ENFORCE_PERMISSION(CONNECTIVITY_INTERNAL);
+    ENFORCE_PERMISSION(NETWORK_STACK);
     auto entry = gLog.newEntry().prettyFunction(__PRETTY_FUNCTION__).args(netId, secure);
     int ret = gCtls->netCtrl.createVirtualNetwork(netId, secure);
     gLog.log(entry.returns(ret).withAutomaticDuration());
commit	87f1ec9b2a71e1b7aa69689aaa832920a94c8009	[log] [tgz]
author	Ken Chen <cken@google.com>	Tue Dec 18 20:15:28 2018 +0800
committer	Ken Chen <cken@google.com>	Wed Dec 19 11:13:49 2018 +0800
tree	75553e91928ebceef76f95890240599275b4929f
parent	67cd14ce46a4ff740d42aa444bc4e69215fe8d99 [diff] [blame]