Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_services_Telephony / 8661837ccf25eb7bb94487e936fea475f5325207^! / . / AndroidManifest.xml
commit8661837ccf25eb7bb94487e936fea475f5325207[log] [tgz]
authorGrant Menke <grantmenke@google.com>Thu Aug 10 17:04:22 2023 -0700
committerGrant Menke <grantmenke@google.com>Mon Aug 21 22:41:33 2023 +0000
treebbe184a598cf1b185dbdbae7890509b8a799080f
parent7f2b75fc93dd11edb9cf32612f127447bd5fa1b8 [diff] [blame]
Ensure access to multiple call settings is restricted.

This CL check if access to mobile network configurations are restricted before displaying the button to select CdmaCallForwardOptions, GsmUmtsCallForwardOptions, GsmUmtsAdditionalCallOptions, and GsmUmtsCallBarringOptions. This reolves a security vulnerability where users were able to configure these call settings mobile network setting even after the device owner had applied the no_config_mobile_networks restriction. This CL also prevents these classes from being exported and  reverts a less thorough fix to this issue that had been previously applied.

Fixes: 277579183
Test: Manual using adb + POC malicous apk
Change-Id: I9b12cbf5d5b9a1356e7d06ae7583d6c5047db31c

diff --git a/AndroidManifest.xml b/AndroidManifest.xml
index 8d03ed7..eef01fa 100644
--- a/AndroidManifest.xml
+++ b/AndroidManifest.xml

@@ -279,7 +279,7 @@
         <activity android:name="GsmUmtsCallForwardOptions"
                 android:label="@string/labelCF"
                 android:configChanges="orientation|screenSize|keyboardHidden"
-                android:exported="true"
+                android:exported="false"
                 android:theme="@style/CallSettingsWithoutDividerTheme">
             <intent-filter>
                 <action android:name="android.intent.action.MAIN" />
@@ -289,7 +289,7 @@
         <activity android:name="CdmaCallForwardOptions"
                 android:label="@string/labelCF"
                 android:configChanges="orientation|screenSize|keyboardHidden"
-                android:exported="true"
+                android:exported="false"
                 android:theme="@style/CallSettingsWithoutDividerTheme">
             <intent-filter>
                 <action android:name="android.intent.action.MAIN" />
@@ -299,7 +299,7 @@
         <activity android:name="GsmUmtsCallBarringOptions"
                 android:label="@string/labelCallBarring"
                 android:configChanges="orientation|screenSize|keyboardHidden"
-                android:exported="true"
+                android:exported="false"
                 android:theme="@style/DialerSettingsLight">
             <intent-filter>
                 <action android:name="android.intent.action.MAIN" />
@@ -309,7 +309,7 @@
         <activity android:name="GsmUmtsAdditionalCallOptions"
                 android:label="@string/labelGSMMore"
                 android:configChanges="orientation|screenSize|keyboardHidden"
-                android:exported="true"
+                android:exported="false"
                 android:theme="@style/CallSettingsWithoutDividerTheme">
             <intent-filter>
                 <action android:name="android.intent.action.MAIN" />