Encryption is required when using 'adb backup' on encrypted devices,
but the UI has not been enforcing this. The failure mode is quite
confusing: the user can tap "back up my data" with no encryption
phrase supplied, and the confirmation activity disappears, but
the backup doesn't actually happen.
We now disallow confirming the backup unless a non-empty passphrase
has been entered into the UI.
In addition, tapping "do not back up my data" now finishes
the confirmation activity instead of just leaving it in a
confusing "dead" state.
Bug 19081192
Change-Id: I9ca69a08ff4322fe25129f9ca880b066c31525d0
New behavior. Backup no longer uses the encryption password. This is in
part because that is hard with patterns, in part because it is a security
issue - the off line backup is much easier to brute force than the phone.
Instead, we simply insist on an encryption password if your device is encrypted
and locked.
Bug: 17159330
Change-Id: Ia22f84722522abf0b569a3ef1e16ead5527c726d
"signatureOrSystem" permissions are no longer available to all apps
residing en the /system partition. Instead, there is a new /system/priv-app
directory, and only apps whose APKs are in that directory are allowed
to use signatureOrSystem permissions without sharing the platform cert.
This will reduce the surface area for possible exploits of system-
bundled applications to try to gain access to permission-guarded
operations.
The ApplicationInfo.FLAG_SYSTEM flag continues to mean what it is
says in the documentation: it indicates that the application apk was
bundled on the /system partition. A new hidden flag FLAG_PRIVILEGED
has been introduced that reflects the actual right to access these
permissions.
At some point the "system" permission category will be
renamed to "privileged".
Bug 8765951
Change-Id: I6f0fd9cdb9170e076dfc66d83ecea76f8dd7335d
The confirmation UI did not request the needed permission, so was failing
to communicate with the mount service; as a "safe" failure mode, it was
assuming the device was encrypted. Fixed; now it presents the correct
prompt text for the device's encryption state.
Bug 5958195
Change-Id: Ic03db16673b89d3377e0362a09cf51bfb572d78b
This supersedes any backup-password that the user might supply. Per
design, the device encryption password is also always used to encrypt
the backup archive.
The CL introduces two new strings, used for prompting the user for
their device encryption password rather than their settings-defined
"backup password" when confirming a full backup or restore operation.
Bug 5382487
Change-Id: I0b03881b45437c944eaf636b6209278e1bba7a9f
Since the confirmation uses the same Activity but different layouts
for the backup vs restore cases, we have to do the title in code.
Along the way, fix the restore layout's padding [the backup layout
was already right].
Fixes bug 5164470
Change-Id: I4d636f666d97fc377e9cf36abf08d1625a05577f
