Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / cfe79f1828c267cd92909487a7d45693a26cc299
commitcfe79f1828c267cd92909487a7d45693a26cc299[log] [tgz]
authorEran Messeri <eranm@google.com>Mon Feb 05 17:50:41 2024 +0000
committerEran Messeri <eranm@google.com>Tue Feb 06 14:58:09 2024 +0000
tree71286052fbd1a2567a89c85c457d4df8b9895bea
parent4a8dc192c3badbaa2a0b8e2a06729383fe431f16 [diff]
Correcting permission check for App UIDs listing

Correct the permission check for the Keystore maintenance method
that returns the list of app UIDs which have keys that are
bound to a specific SID.

The previous check relied on SELinux policies. But the Settings
app that calls this method has a permission - MANAGE_USERS -
that is more appropriate to check.

Bug: 302109605
Test: Manual.
Change-Id: Ia26256cf995d16d03d0bb92d8b237f7bbea30d07
3 files changed
tree: 71286052fbd1a2567a89c85c457d4df8b9895bea
  1. fsverity/
  2. fsverity_init/
  3. identity/
  4. keystore/
  5. keystore-engine/
  6. keystore2/
  7. ondevice-signing/
  8. prng_seeder/
  9. provisioner/
  10. rustfmt.toml ⇨ ../../build/soong/scripts/rustfmt.toml
  11. .clang-format
  12. .gitignore
  13. Android.bp
  14. METADATA
  15. MODULE_LICENSE_APACHE2
  16. NOTICE
  17. OWNERS
  18. PREUPLOAD.cfg