diff options
author | Tom Taylor <tomtaylor@google.com> | 2014-09-30 13:59:38 -0700 |
---|---|---|
committer | Tom Taylor <tomtaylor@google.com> | 2014-09-30 13:59:38 -0700 |
commit | 9da13d25ef52ce81f132f8229e13f1b02bfcb779 (patch) | |
tree | 96a774c55472358a8b56d63da771ee7d7ab2856a | |
parent | 0bd818f8c28e014bbb10f6ad0e9594bc40da1494 (diff) | |
download | Mms-9da13d25ef52ce81f132f8229e13f1b02bfcb779.tar.gz |
Externally Reported Low Severity Security Vulnerability: SMS Resend Vulnerability in Android
Bug 17671795
Require SEND_SMS permission so apps without it won't be able to trick
the messaging app into sending messages.
Change-Id: I1486e8310f7b5634990cbe78e9c1144fde843414
-rw-r--r-- | AndroidManifest.xml | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/AndroidManifest.xml b/AndroidManifest.xml index a4b0bfb8..65f1a894 100644 --- a/AndroidManifest.xml +++ b/AndroidManifest.xml @@ -215,7 +215,8 @@ </receiver> <!-- Catch-all receiver for broadcasts that don't have associated security --> - <receiver android:name=".transaction.SmsReceiver"> + <receiver android:name=".transaction.SmsReceiver" + android:permission="android.permission.SEND_SMS"> <intent-filter> <action android:name="android.intent.action.BOOT_COMPLETED" /> </intent-filter> |