From b5f5b0448861c3f538ef3cfb5a7b031dc476115c Mon Sep 17 00:00:00 2001 From: Raman Tenneti Date: Mon, 16 Sep 2019 15:22:08 -0700 Subject: AOSP/Email - Secure UPDATE_WIDGET receiver with a new permission The update methods sends a broadcast with the account name, the folder, etc. This implicitly bypasses the GET_ACCOUNT permission if a third-party applications listens to this broadcast. - Introduce a new app permission - com.android.email.permission.GET_WIDGET_UPDATE - Now the com.android.email.permission.GET_WIDGET_UPDATE is required to - receive the emitted broadcast - Add this permission to our existing widgets. Ported changes from cr/106302205 - added uses-permission GET_WIDGET_UPDATE, so Gmail app has the permission to receive the intent Bug: 139803872 Test: manual - Ran the following tests on Pixel phone. Tested the email UI. $ make -j 40 $ make Email -j $ make EmailTests -j -rw-r--r-- 1 rtenneti primarygroup 6356400 Sep 16 14:10 out/target/product/marlin/testcases/Email/arm64/Email.apk -rw-r--r-- 1 rtenneti primarygroup 389599 Sep 16 14:18 out/target/product/marlin/testcases/EmailTests/arm64/EmailTests.apk $ adb install -r -d -g out/target/product/marlin/testcases/Email/arm64/Email.apk $ adb install -r -d -g out/target/product/marlin/testcases/EmailTests/arm64/EmailTests.apk $ adb shell am instrument -w com.android.email.tests Time: 34.746 OK (157 tests) $ atest EmailTests Summary ------- EmailTests: Passed: 157, Failed: 0, Ignored: 0, Assumption Failed: 0 All tests passed! $ adb install ../security_attack/bug_139803872/poc.apk Captured the logcat output at rtenneti's x20web logcat.out.0916.1503 while reproducting the steps in b/139803872#comment3 Change-Id: I6eea128c20b555b38d325e3706473bb18080bedd Merged-In: I6eea128c20b555b38d325e3706473bb18080bedd --- AndroidManifest.xml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/AndroidManifest.xml b/AndroidManifest.xml index ae130648d..68919393d 100644 --- a/AndroidManifest.xml +++ b/AndroidManifest.xml @@ -67,6 +67,14 @@ + + +