CDD: Require to display the same consistent UI for
ACTION_MANAGE_OVERLAY_PERMISSION intent.
Without such a requirement, the intent android.settings.action.MANAGE_OVERLAY_PERMISSION
with data URI “package:<package>” can redirect the user
to the app-specific screen to enable the permission
android.permission.SYSTEM_ALERT_WINDOW. This makes it too
easy for malicious apps to fool the user into enabling it.
Bug: 145286669
Change-Id: I5fce6cc6bf21b93f953b53ce077c0272dc71bae2
diff --git a/9_security-model/9_1_permissions.md b/9_security-model/9_1_permissions.md
index ebb1927..294e8bc 100644
--- a/9_security-model/9_1_permissions.md
+++ b/9_security-model/9_1_permissions.md
@@ -106,3 +106,14 @@
https://developer.android.com/reference/android/provider/Settings.html#ACTION_USAGE_ACCESS_SETTINGS)
intent pattern but MUST implement it as a no-op, that is to have an
equivalent behavior as when the user is declined for access.
+
+If device implementations provide a user affordance to choose which apps can
+draw on top of other apps with an activity that handles the
+[`ACTION_MANAGE_OVERLAY_PERMISSION`](https://developer.android.com/reference/android/provider/Settings.html#ACTION_MANAGE_OVERLAY_PERMISSION)
+intent, they:
+
+* [C-2-1] MUST ensure that all activities with intent filters for the
+ [`ACTION_MANAGE_OVERLAY_PERMISSION`](
+ https://developer.android.com/reference/android/provider/Settings.html#ACTION_MANAGE_OVERLAY_PERMISSION)
+ intent have the same UI screen, regardless of the initiating app or any
+ information it provides.
\ No newline at end of file
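Review bot: In [C-2-1], "have the same UI screen, regardless of the initiating app or any information it provides" does not name the input that causes the problem, so an implementer or test author has to infer that the intent's data URI must not change the screen that is shown. The commit message identifies the "package:<package>" data URI as the way a caller lands the user on the app-specific toggle; consider stating in the requirement that the handling activity MUST show the same screen whether or not a package data URI is supplied, which makes the requirement directly testable. It would also help to say whether "all activities with intent filters" covers only activities provided by the device implementation or any activity that resolves for the intent. Separately, the file now ends without a trailing newline; please add one.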