Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

6 months worth of security patches! #8

Open
wants to merge 9 commits into
base: 12.1
Choose a base branch
from
Open

6 months worth of security patches! #8

wants to merge 9 commits into from

Commits on Aug 8, 2023

  1. Add DISALLOW_APPS_CONTROL check into uninstall app for all users 

    Settings App info page supports a "Uninstall for all users" function
when multiple users are enabled. It bypasses the restriction of
DISALLOW_APPS_CONTROL which breaks the user isolation guideline.

To fix this vulnerability, we should check the DISALLOW_APPS_CONTROL
restriction to provide the "Uninstall for all users" function.

Bug: 258653813
Test: manual & robotests
Change-Id: I5d3bbcbaac439c4f7a1e6a9ade7775ff4f2f2ec6
Merged-In: I5d3bbcbaac439c4f7a1e6a9ade7775ff4f2f2ec6
(cherry picked from commit 16500a7ada6b0730bec2787055667c4394fa3468)
Merged-In: I5d3bbcbaac439c4f7a1e6a9ade7775ff4f2f2ec6
    @Meghthedev
    Yanting Yang authored and Meghthedev committed Aug 8, 2023
    Configuration menu
    Copy the full SHA
    520b8d0 View commit details
    Browse the repository at this point in the history

  2. Settings 2-pane deep link vulnerabilities 

    Settings app must not start an deep link Activity if
1. The deep link Activity is not exported.
or
2. Calling package does not have the permission to
   start the deep link Activity.

Bug: 250589026
Test: make RunSettingsRoboTests ROBOTEST_FILTER=SettingsHomepageActivityTest
Change-Id: I9a3bddfa5d9d1d2e924dd6f3e5e07dca6c11664f
Merged-In: I9a3bddfa5d9d1d2e924dd6f3e5e07dca6c11664f
(cherry picked from commit 434c8934c4aa416931a66626016d94712e47d617)
Merged-In: I9a3bddfa5d9d1d2e924dd6f3e5e07dca6c11664f
    @ArcWangInGoogle @Meghthedev
    ArcWangInGoogle authored and Meghthedev committed Aug 8, 2023
    Configuration menu
    Copy the full SHA
    2014f44 View commit details
    Browse the repository at this point in the history

  3. Allow 2-pane deep link to access unexported Activity 

    If an Activity is not exported, the Activity still can be
launched by components of the same application, applications
with the same user ID, or privileged system components.

Bug: 261678674
Bug: 250589026
Test: manual visual
      Launcher -> context menu -> Wallpaper & style
Change-Id: I662df6cb287361b135e2c596abe946ddeb03bda4
Merged-In: I662df6cb287361b135e2c596abe946ddeb03bda4
(cherry picked from commit 04989073225435ffdbd04f795dcc99c269fa35d5)
Merged-In: I662df6cb287361b135e2c596abe946ddeb03bda4
    @ArcWangInGoogle @Meghthedev
    ArcWangInGoogle authored and Meghthedev committed Aug 8, 2023
    Configuration menu
    Copy the full SHA
    1dd8d32 View commit details
    Browse the repository at this point in the history

  4. Check Uri permission for FLAG_GRANT_READ/WRITE_URI_PERMISSION 

    To improve security, calling app must be granted Uri permission
if it sets FLAG_GRANT_READ/WRITE_URI_PERMISSION in the Intent of
ACTION_SETTINGS_EMBED_DEEP_LINK_ACTIVITY.

Bug: 250589026
Test: manual
Change-Id: I48f88c662b843212b1066369badff84cf98935a8
Merged-In: I48f88c662b843212b1066369badff84cf98935a8
(cherry picked from commit 0f7f913281fff39d533b4ae325ba2fd11f0ae204)
Merged-In: I48f88c662b843212b1066369badff84cf98935a8
    @ArcWangInGoogle @Meghthedev
    ArcWangInGoogle authored and Meghthedev committed Aug 8, 2023
    Configuration menu
    Copy the full SHA
    645e563 View commit details
    Browse the repository at this point in the history

  5. Only primary user is allowed to control secure nfc 

    Bug: 238298970
Test: manual
Merged-In: I945490ef1e62af479a732c9a260ed94bdd8bc313
Change-Id: I945490ef1e62af479a732c9a260ed94bdd8bc313
(cherry picked from commit 0e57ff90cdae3575c243d21d490e2b6384d33397)
Merged-In: I945490ef1e62af479a732c9a260ed94bdd8bc313
    @Meghthedev
    Jack Yu authored and Meghthedev committed Aug 8, 2023
    Configuration menu
    Copy the full SHA
    82a4095 View commit details
    Browse the repository at this point in the history

  6. [DO NOT MERGE] Enforce INTERACT_ACROSS_USERS_FULL permission for Noti… 

    …ficationAccessDetails

 When using EXTRA_USER_HANDLE, check for INTERACT_ACROSS_USERS_FULL permission on calling package.

Bug: 259385017
Test: 1. Build a test app that creates and starts an intent to NOTIFICATION_LISTENER_DETAIL_SETTINGS while setting the intent extra  android.intent.extra.user_handle to UserHandle(secondaryUserId).
 2. Create and switch to a secondary user
Settings > System > Multiple users > Allow multiple users > Add user > Switch to New user
 3. Open Settings > Notifications > Device & app notifications and choose an app from the list (uses android.permission.BIND_NOTIFICATION_LISTENER_SERVICE). Enable Device & app notifications for selected app and disable all attributed permissions.
 4. Switch back to the Owner user.
 5. Get the userId of the secondary user: adb shell pm list users.
 6. Open the test app and enter the userId for the secondary user and the component name that uses android.permission.BIND_NOTIFICATION_LISTENER_SERVICE.
 8. In the settings window that open, enable all 4 sub-options.
 9. Switch to the secondary user and note that the all sub-options for the app are disabled.

Change-Id: I875b9f2fc32c252acdcf8374a14067836e0f1ac6
(cherry picked from commit on googleplex-android-review.googlesource.com host: 9a7bd79ca3ba7918e78e88b9638524887473d16c)
Merged-In: I875b9f2fc32c252acdcf8374a14067836e0f1ac6
    @Meghthedev
    Valentin Iftime authored and Meghthedev committed Aug 8, 2023
    Configuration menu
    Copy the full SHA
    2f942be View commit details
    Browse the repository at this point in the history

  7. Convert argument to intent in AddAccountSettings. 

    Bug: 265798353
Test: manual
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:c7e8052b527434ed8660e3babdab718f7f3cd7da)
Merged-In: I0051e5d5fc9fd3691504cb5fbb959f701e0bce6a
Change-Id: I0051e5d5fc9fd3691504cb5fbb959f701e0bce6a
    @Meghthedev
    Dmitry Dementyev authored and Meghthedev committed Aug 8, 2023
    Configuration menu
    Copy the full SHA
    8074aca View commit details
    Browse the repository at this point in the history

  8. Don't show NLSes with excessively long component names 

    Test: install test app with long CN
Test: ServiceListingTest
Bug: 260570119
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:52a102cc2a408657230c757054e6979e1c76d6fb)
Merged-In: I3ffd02f6cf6bf282e7fc264fd070ed3add4d8571
Change-Id: I3ffd02f6cf6bf282e7fc264fd070ed3add4d8571
    @Meghthedev
    Julia Reynolds authored and Meghthedev committed Aug 8, 2023
    Configuration menu
    Copy the full SHA
    a2ec2b5 View commit details
    Browse the repository at this point in the history

  9. Fix: Bluetooth and Wifi scanning location MainSwitch page policy tran… 

    …sparency.

When DISALLOW_CONFIG_LOCATION is set, make location service's
MainSwitchPreference pages for wifi scanning and bluetooth scanning
unavailable too, so that intent direct access is disabled.

screenshot: http://shortn/_kkK3BMTSh1

Bug: 277333746
Bug: 277333781
Test: atest SettingsRoboTests, on device
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:7591fff234886e79c5d0210a2cf3282a69de9be9)
Merged-In: I52f9a11b1dd78a5e5dbb1bbde3cda7381c87ae39
Change-Id: I52f9a11b1dd78a5e5dbb1bbde3cda7381c87ae39
    @Meghthedev
    Lin Yuan authored and Meghthedev committed Aug 8, 2023
    Configuration menu
    Copy the full SHA
    c5a654b View commit details
    Browse the repository at this point in the history