This allows you to specify that a permission can be granted to
any pre-installed system app (not just privileged ones).
And as long as I am doing this, clean up the old "system" permission
flag, renaming it to "privileged" which is what it really is today,
deprecating the old names. And switch the platform's permission
declarations to use the new name.
Change-Id: Iabf484746af232144786851ec7fe90e3de9dddb2
Raised the protection level of WRITE_SETTINGS permission to appop and also
allowed backwards compatibility with pre23 flag.
Introduced new action to manage write system settings as a new API and
renamed the string that describes the managing of overlay permission.
Change-Id: I939a95b9a8b1ae75bf67aa6d8190c92a8d2001d3
Typical apps are restricted so they can only view shared storage
belonging to the user they're running as. However, a handful of
system components need access to shared storage across all users,
such as DefaultContainerService and SystemUI.
Since WRITE_MEDIA_STORAGE already offers this functionality by
bypassing any FUSE emulation, reuse it to grant the "sdcard_rw" GID
which is no longer handed out to third-party apps. Then we change
the FUSE daemon to allow the "sdcard_rw" GID to see shared storage
of all users.
Bug: 19995822
Change-Id: I504c2a179ba74f142ed0d32da5baa69f4212cd82
...to an explicit toggle to enable in Settings
Add a new permission flag, saying the permission can be automatically
granted to pre-api-23 apps. Apply this to SYSTEM_ALERT_WINDOW.
Change-Id: I24a0ceabe7e9f5e458a864d30eda2696ad14a699
to be manually enabled in Settings.
Raised the protection level of SYSTEM_ALERT_WINDOW from dangerous to
system|signature|appop. Added a new API in Settings for developers to invoke
the main configuration setting. Also added a new metrics in MetricsLogger.
Finally, also made changes to PhoneWindowManager to check the permission to draw
overlay properly.
Change-Id: I4a073e6f038b8b8d2fa5bd6ad60abda496be9701
1. Add the permission protection level in the java doc
2. Make some system permissions that are not mean to be
used by third-parties system API.
bug:21402257
Change-Id: Ic0ae8d6ca44dbbbf12848a9164acc0e908c90402
All options are sent to the VoiceInteractor once ChooserTargetServices
have reported in. We don't perform explicit progressive refinement or
filtering, but an explicit option picked will be invoked.
Also fix a lingering bug around being able to nested-fling the
resolver drawer closed.
Bug 21516866
Change-Id: I6b141f5fa87d74dccec9dcb88110630696e9c38e
Removing the read/write profile/social stream permissions as they
are not needed anymore. These permissions are for accessing data
nested in the conacts provider which is already guaded by the
read/write contacts runtime permissions. The removed permissions
would be in the contacts group which means they would not provide
more protection compated to read/write contacts. Also removing
the permissions voids the need for app op support for legacy apps.
Removed deprecated APIs for social streams as these were deprecated
and will go away in the next release. We want apps targeting M to
not be able to compile if still suing these APIs to help with
migration.
Change-Id: I26ed9055847af7f92c78eb0f4ac8f9f1aa616fcd
We have a new storage permission group that has read and
write external storage. However, read external storage is
(not a regression) a normal permission while write is a
dangerous one. This leads to cases where the user disables
the Storage permission and apps still read form it. This
change makes read external storage a dangerous permission.
bug:21949045
Change-Id: I7e28f629dda6e9c1f70cb20a3d5bea74fb109890
Do not go gentle into that good night,
Old age should burn and rave at close of day;
Rage, rage against the dying of the light.
Though wise men at their end know dark is right,
Because their words had forked no lightning they
Do not go gentle into that good night.
Bug: 21854466
Change-Id: I0b7cd116c23f7df88e94f31b3aee7dd22a102804
Add hidden TelecomManager.setDefaultDialer for system apps
to set the default dialer and trigger the broadcast
Bug: 21846308
Change-Id: Ifdd30cd1323ab0157edf7fd966173b6c52df6ba0
This permission guards only hidden and system APIs, hance it
should be signatureOrSystem protection level.
Change-Id: I8d2b75167c6887a285af0b494c39b4ffea2f0cbf
