Fix missing permission check when saving pattern/password

Fixes bug 28163930 Change-Id: Ic98ef20933b352159b88fdef331e83e9ef6e1f20
author: Jim Miller <jaggies@google.com> 2016-04-13 16:35:36 -0700
committer: The Android Automerger <android-build@google.com> 2016-05-27 10:29:12 -0700
commit: 3c8552b1fcb190a7d5010921fd89562d8519416e (patch)
tree: af3913e26012f27c423f60adaff579d21f4c62ce
parent: d0a8a19ce77ce9eff5493168e1a258316131e56f (diff)
download: base-3c8552b1fcb190a7d5010921fd89562d8519416e.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/services/core/java/com/android/server/LockSettingsService.java b/services/core/java/com/android/server/LockSettingsService.java
index f1d7da4ee629..55682c2c7e3d 100644
--- a/services/core/java/com/android/server/LockSettingsService.java
+++ b/services/core/java/com/android/server/LockSettingsService.java
@@ -424,6 +424,7 @@ public class LockSettingsService extends ILockSettings.Stub {
     @Override
     public void setLockPattern(String pattern, String savedCredential, int userId)
             throws RemoteException {
+        checkWritePermission(userId);
         byte[] currentHandle = getCurrentHandle(userId);
 
         if (pattern == null) {
@@ -452,6 +453,7 @@ public class LockSettingsService extends ILockSettings.Stub {
     @Override
     public void setLockPassword(String password, String savedCredential, int userId)
             throws RemoteException {
+        checkWritePermission(userId);
         byte[] currentHandle = getCurrentHandle(userId);
 
         if (password == null) {
author	Jim Miller <jaggies@google.com>	2016-04-13 16:35:36 -0700
committer	The Android Automerger <android-build@google.com>	2016-05-27 10:29:12 -0700
commit	3c8552b1fcb190a7d5010921fd89562d8519416e (patch)
tree	af3913e26012f27c423f60adaff579d21f4c62ce
parent	d0a8a19ce77ce9eff5493168e1a258316131e56f (diff)
download	base-3c8552b1fcb190a7d5010921fd89562d8519416e.tar.gz