diff options
| -rw-r--r-- | src/com/android/se/security/AccessControlEnforcer.java | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/src/com/android/se/security/AccessControlEnforcer.java b/src/com/android/se/security/AccessControlEnforcer.java index 22b82f0..79252bd 100644 --- a/src/com/android/se/security/AccessControlEnforcer.java +++ b/src/com/android/se/security/AccessControlEnforcer.java @@ -488,9 +488,8 @@ public class AccessControlEnforcer { } } if (!mTerminal.getName().startsWith(SecureElementService.UICC_TERMINAL)) { - // It shall be allowed to grant full access if no rule can be retrieved - // from the secure element except for UICC. - mFullAccess = true; + // Deny full access for eSE if no rule can be retrieved because of security concern + mFullAccess = false; // ARF is supported only on UICC. mUseArf = false; } |