android_frameworks_base

drgreen/android_frameworks_base

Fork 0

Commit Graph

Author	SHA1	Message	Date
Christopher Tate	ccbf84f44c	Some system apps are more system than others "signatureOrSystem" permissions are no longer available to all apps residing en the /system partition. Instead, there is a new /system/priv-app directory, and only apps whose APKs are in that directory are allowed to use signatureOrSystem permissions without sharing the platform cert. This will reduce the surface area for possible exploits of system- bundled applications to try to gain access to permission-guarded operations. The ApplicationInfo.FLAG_SYSTEM flag continues to mean what it is says in the documentation: it indicates that the application apk was bundled on the /system partition. A new hidden flag FLAG_PRIVILEGED has been introduced that reflects the actual right to access these permissions. At some point the "system" permission category will be renamed to "privileged". Bug 8765951 Change-Id: I6f0fd9cdb9170e076dfc66d83ecea76f8dd7335d	2013-06-17 12:47:35 -07:00
Chia-chi Yeh	5db03df1ff	VpnDialogs: prepare for the usages of legacy VPN. - Use PendingIntent to start activities. - Handle configs without package names. - Switch to system UID. Change-Id: Ia78112a97e3628b603d9e059705e32694ebe142b	2011-07-01 00:10:32 -07:00
Chia-chi Yeh	19f054b0f6	The UI part of the user space VPN support. Change-Id: Ia9b7d516f977bc0fa7c30f44ff8111466838d1aa	2011-06-03 17:06:29 -07:00

Author

SHA1

Message

Date

Christopher Tate

ccbf84f44c

Some system apps are more system than others

"signatureOrSystem" permissions are no longer available to all apps
residing en the /system partition.  Instead, there is a new /system/priv-app
directory, and only apps whose APKs are in that directory are allowed
to use signatureOrSystem permissions without sharing the platform cert.
This will reduce the surface area for possible exploits of system-
bundled applications to try to gain access to permission-guarded
operations.

The ApplicationInfo.FLAG_SYSTEM flag continues to mean what it is
says in the documentation: it indicates that the application apk was
bundled on the /system partition.  A new hidden flag FLAG_PRIVILEGED
has been introduced that reflects the actual right to access these
permissions.

At some point the "system" permission category will be
renamed to "privileged".

Bug 8765951

Change-Id: I6f0fd9cdb9170e076dfc66d83ecea76f8dd7335d

2013-06-17 12:47:35 -07:00

Chia-chi Yeh

5db03df1ff

VpnDialogs: prepare for the usages of legacy VPN.

- Use PendingIntent to start activities.
- Handle configs without package names.
- Switch to system UID.

Change-Id: Ia78112a97e3628b603d9e059705e32694ebe142b

2011-07-01 00:10:32 -07:00

Chia-chi Yeh

19f054b0f6

The UI part of the user space VPN support.

Change-Id: Ia9b7d516f977bc0fa7c30f44ff8111466838d1aa

2011-06-03 17:06:29 -07:00

3 Commits