diff options
author | Neil Fuller <nfuller@google.com> | 2017-09-22 17:01:10 +0100 |
---|---|---|
committer | Neil Fuller <nfuller@google.com> | 2017-09-25 16:44:20 +0100 |
commit | dabb14f82bfeaf3e598157ac4fc6e7844b1a6044 (patch) | |
tree | f01b0710e56a10aa6094d055d8948926238f8457 /src/main/com/android/timezone | |
parent | 21843e19927764b3210e504345738e7fa2321565 (diff) | |
download | TimeZoneData-dabb14f82bfeaf3e598157ac4fc6e7844b1a6044.tar.gz |
Explicitly disallow multiple user execute
Explicitly disallow multiple user execution:
it's not expected because everything runs as system
but this change explicitly rules out execution.
This change also adds an xTS to confirm that
a secondary user installing the app triggers
an update (as the owner) and the device is updated
correctly.
Test: Manual testing installing updates as secondary device user
Test: PTS: run pts -m PtsTimeZoneTestCases
Bug: 64111659
Change-Id: Ic839bb264b9ce5448e6191c71ffb7c2b634e4efa
Diffstat (limited to 'src/main/com/android/timezone')
-rw-r--r-- | src/main/com/android/timezone/data/TimeZoneRulesDataProvider.java | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/main/com/android/timezone/data/TimeZoneRulesDataProvider.java b/src/main/com/android/timezone/data/TimeZoneRulesDataProvider.java index 194620f..d92665a 100644 --- a/src/main/com/android/timezone/data/TimeZoneRulesDataProvider.java +++ b/src/main/com/android/timezone/data/TimeZoneRulesDataProvider.java @@ -31,6 +31,7 @@ import android.database.Cursor; import android.net.Uri; import android.os.Bundle; import android.os.ParcelFileDescriptor; +import android.os.UserHandle; import android.provider.TimeZoneRulesDataContract; import android.provider.TimeZoneRulesDataContract.Operation; import android.support.annotation.NonNull; @@ -94,6 +95,14 @@ public final class TimeZoneRulesDataProvider extends ContentProvider { public void attachInfo(Context context, ProviderInfo info) { super.attachInfo(context, info); + // The time zone update process should run as the system user exclusively as it's a + // system feature, not user dependent. + UserHandle currentUserHandle = android.os.Process.myUserHandle(); + if (!currentUserHandle.isSystem()) { + throw new SecurityException("ContentProvider is supposed to run as the system user," + + " instead user=" + currentUserHandle); + } + // Sanity check our security if (!TimeZoneRulesDataContract.AUTHORITY.equals(info.authority)) { // The authority looked for by the time zone updater is fixed. |