Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Security Patches :D #4

Open
wants to merge 35 commits into
base: eleven
Choose a base branch
from
+1,354 −311
Open

Security Patches :D #4

Changes from 1 commit
Commits
Show all changes
35 commits
Select commit Hold shift + click to select a range
58affb5
Add caller check to com.android.credentials.RESET
Jan 5, 2022
4f47540
Do not let guest user disable secure nfc
Jan 14, 2022
634ff01
Hide private DNS settings UI in Guest mode
Mar 9, 2022
4491d43
Prevent exfiltration of system files via user image settings.
Feb 25, 2022
b8937a7
[DO NOT MERGE] Verify ringtone from ringtone picker is audio
ArcWangInGoogle May 6, 2022
cef248f
Do not let guest user disable secuer nfc via SettingsSlice
May 4, 2022
2ca801a
RESTRICT AUTOMERGE Fix: policy enforcement for location wifi scanning
Jun 1, 2022
196c187
[DO NOT MERGE] Fix Settings crash when setting a null ringtone
ArcWangInGoogle May 16, 2022
7705906
[DO NOT MERGE] Fix can't change notification sound for work profile.
May 27, 2022
c1a16ca
Extract app label from component name in notification access confirma…
Apr 22, 2022
5b6f85e
Validate config activities with their rule owners
Jun 16, 2021
bf751bb
Revert "Prevent exfiltration of system files via user image settings."
Jul 27, 2022
8f834ce
Prevent exfiltration of system files via avatar picker.
Aug 26, 2022
189da23
Add FLAG_SECURE for ChooseLockPassword and Pattern
Aug 8, 2022
3f64f86
Rephrase dialog message of clear storage dialog for security concern
Oct 14, 2021
d9118be
Import translations. DO NOT MERGE ANYWHERE
Nov 4, 2021
2eca3da
Add non system overlay flag to InstallCaCertificateWarning
Nov 29, 2021
d00d678
RESTRICT AUTOMERGE Make bluetooth switch not discoverable via SliceDe…
Nov 7, 2022
901ce0a
[DO NOT MERGE] FRP bypass defense in the settings app
Jan 3, 2022
1b7e686
Add DISALLOW_APPS_CONTROL check into uninstall app for all users
Jan 4, 2023
8f9d4db
Only primary user is allowed to control secure nfc
Jul 28, 2022
6db393c
[DO NO MERGE] Enforce INTERACT_ACROSS_USERS_FULL permission for Notif…
Feb 6, 2023
e6fe218
RESTRICT AUTOMERGE Fix make Bluetooth discoverable without additional…
Oct 28, 2021
1143c0b
RESTRICT AUTOMERGE Make bluetooth not discoverable via SliceDeepLinkT…
May 10, 2022
eee68f9
Fix bypass CALL_PRIVILEGED permission in AppRestrictionsFragment
Jan 6, 2022
ee3da90
Fix LaunchAnyWhere in AppRestrictionsFragment
Apr 6, 2022
779cb71
[Settings] Move display of VPN version into summary text
Nov 18, 2021
73db739
Import translations. DO NOT MERGE ANYWHERE
Apr 28, 2022
c008af1
Convert argument to intent in AddAccountSettings.
Mar 7, 2023
9b21265
Don't show NLSes with excessively long component names
Mar 7, 2023
2df6c8e
DO NOT MERGE Don't hide approved NLSes in Settings
Jun 5, 2023
789a5d9
Settings: don't try to allow NLSes with too-long component names
Jun 15, 2023
47e900e
DO NOT MERGE: Prevent non-system IME from becoming device admin
May 19, 2023
5aca2a9
[RESTRICT AUTOMERGE] Restrict ApnEditor settings
Jul 7, 2023
afcc0a1
RESTRICT AUTOMERGE: Catch exceptions from setLockCredential()
ebiggers Jul 27, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
DO NOT MERGE Don't hide approved NLSes in Settings 
Note that an NLS that shouldn't be approvable (because its name is too long) but was already approved (either before the max length check was introduced, or through other means) will disappear from the list if the user revokes its access. This might be somewhat confusing, but since this is a very-edge case already it's fine.

Bug: 282932362
Test: manual
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:173cc267e0fb854cc7247e9f1e3acff0a325c4af)
Merged-In: Iccfe7b53d643d6c9f9516f91d3cee3309b11551e
Change-Id: Iccfe7b53d643d6c9f9516f91d3cee3309b11551e
@Meghthedev
Matías Hernández authored and Meghthedev committed Oct 9, 2023
commit 2df6c8e545fe5673710aac757798e2bab99f71b7
13 changes: 6 additions & 7 deletions src/com/android/settings/notification/NotificationAccessSettings.java
View file
Original file line number Diff line number Diff line change
@@ -94,12 +94,6 @@ public void onCreate(Bundle icicle) {
.setNoun(CONFIG.noun)
.setSetting(CONFIG.setting)
.setTag(CONFIG.tag)
.setValidator(info -> {
if (info.getComponentName().flattenToString().length() > MAX_CN_LENGTH) {
return false;
}
return true;
})
.build();
mServiceListing.addCallback(this::updateList);
setPreferenceScreen(getPreferenceManager().createPreferenceScreen(mContext));
@@ -140,6 +134,11 @@ private void updateList(List<ServiceInfo> services) {
services.sort(new PackageItemInfo.DisplayNameComparator(mPm));
for (ServiceInfo service : services) {
final ComponentName cn = new ComponentName(service.packageName, service.name);
boolean isAllowed = mNm.isNotificationListenerAccessGranted(cn);
if (!isAllowed && cn.flattenToString().length() > MAX_CN_LENGTH) {
continue;
}

CharSequence title = null;
try {
title = mPm.getApplicationInfoAsUser(
@@ -154,7 +153,7 @@ private void updateList(List<ServiceInfo> services) {
pref.setIcon(mIconDrawableFactory.getBadgedIcon(service, service.applicationInfo,
UserHandle.getUserId(service.applicationInfo.uid)));
pref.setKey(cn.flattenToString());
pref.setSummary(mNm.isNotificationListenerAccessGranted(cn)
pref.setSummary(isAllowed
? R.string.app_permission_summary_allowed
: R.string.app_permission_summary_not_allowed);
if (managedProfileId != UserHandle.USER_NULL