diff options
author | Christopher Tate <ctate@google.com> | 2013-05-06 13:07:05 -0700 |
---|---|---|
committer | Nick Kralevich <nnk@google.com> | 2013-05-06 14:45:53 -0700 |
commit | d334a434a3f5f915743ce4a6f2a966c865516f0d (patch) | |
tree | 0a3e7e4640dc12665a6dc0ed44aedad6ffb2dbe0 | |
parent | b67f4071f30478ddc89b798039a03ae4309b9a02 (diff) | |
download | base-ics-mr1.tar.gz |
Ensure install-during-restore is like install-then-restoreics-mr1
When we've installed an apk from the archive, recheck whether
to apply the system-uid policy restrictions around file system
restores.
Bug 8833099
(cherry picked from commit 2baf6dcfcf7fc1705db25e64dc0cb11fa3509d39)
Change-Id: Ida5f7493694cb1d7544cd99a9b7a747f92cdb406
-rw-r--r-- | services/java/com/android/server/BackupManagerService.java | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/services/java/com/android/server/BackupManagerService.java b/services/java/com/android/server/BackupManagerService.java index 07420ad60ddc..90c36a5e7aab 100644 --- a/services/java/com/android/server/BackupManagerService.java +++ b/services/java/com/android/server/BackupManagerService.java @@ -3515,7 +3515,16 @@ class BackupManagerService extends IBackupManager.Stub { } else { // So far so good -- do the signatures match the manifest? Signature[] sigs = mManifestSignatures.get(info.packageName); - if (!signaturesMatch(sigs, pkg)) { + if (signaturesMatch(sigs, pkg)) { + // If this is a system-uid app without a declared backup agent, + // don't restore any of the file data. + if ((pkg.applicationInfo.uid < Process.FIRST_APPLICATION_UID) + && (pkg.applicationInfo.backupAgentName == null)) { + Slog.w(TAG, "Installed app " + info.packageName + + " has restricted uid and no agent"); + okay = false; + } + } else { Slog.w(TAG, "Installed app " + info.packageName + " signatures do not match restore manifest"); okay = false; |