Fix missing permission check when saving pattern/password

Fixes bug 28163930 Change-Id: Ic98ef20933b352159b88fdef331e83e9ef6e1f20
author: Jim Miller <jaggies@google.com> 2016-04-13 16:35:36 -0700
committer: The Android Automerger <android-build@google.com> 2016-05-27 11:09:22 -0700
commit: 830665ebc48f81b3b6276e7f79a12e68c0baba38 (patch)
tree: fcd03dbba3cdf42220ac08ce24963114c3ffa4f2
parent: 3df0241cc1b7b97c75be26ac5d30f20f9d7cf98e (diff)
download: base-830665ebc48f81b3b6276e7f79a12e68c0baba38.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/services/core/java/com/android/server/LockSettingsService.java b/services/core/java/com/android/server/LockSettingsService.java
index 45e7b5eb83d5..f1678d26e119 100644
--- a/services/core/java/com/android/server/LockSettingsService.java
+++ b/services/core/java/com/android/server/LockSettingsService.java
@@ -428,6 +428,7 @@ public class LockSettingsService extends ILockSettings.Stub {
     @Override
     public void setLockPattern(String pattern, String savedCredential, int userId)
             throws RemoteException {
+        checkWritePermission(userId);
         byte[] currentHandle = getCurrentHandle(userId);
 
         if (pattern == null) {
@@ -456,6 +457,7 @@ public class LockSettingsService extends ILockSettings.Stub {
     @Override
     public void setLockPassword(String password, String savedCredential, int userId)
             throws RemoteException {
+        checkWritePermission(userId);
         byte[] currentHandle = getCurrentHandle(userId);
 
         if (password == null) {
author	Jim Miller <jaggies@google.com>	2016-04-13 16:35:36 -0700
committer	The Android Automerger <android-build@google.com>	2016-05-27 11:09:22 -0700
commit	830665ebc48f81b3b6276e7f79a12e68c0baba38 (patch)
tree	fcd03dbba3cdf42220ac08ce24963114c3ffa4f2
parent	3df0241cc1b7b97c75be26ac5d30f20f9d7cf98e (diff)
download	base-830665ebc48f81b3b6276e7f79a12e68c0baba38.tar.gz