Google Git
Sign in
android / platform / frameworks / base / 36ebab6
commit36ebab675cba49e5201c5c228a524e6e1bb7dcea[log] [tgz]
authorCraig Mautner <cmautner@google.com>Tue Feb 17 10:17:21 2015 -0800
committerThe Android Automerger <android-build@google.com>Tue Feb 17 16:32:01 2015 -0800
tree18366528ff6128899959b0cb8585224aebd6856d
parentb464571193fc7a2335a7f91f1c79a292c23b2f13 [diff]
Do not make ActivityContainer available to apps. DO NOT MERGE

A security leak was discovered whereby a malicious app could get the
IActivityContainer object from one app and use it to inject events
into another app. This fix removes the availability of the
IActivityContainer and replaces its one use with a method for
returning the information the IActivityContainer was used for.

Fixes bug 19394591.

Change-Id: Ib3cec25b25130cd8e098892c057742cfd575cfdd
4 files changed
tree: 18366528ff6128899959b0cb8585224aebd6856d
  1. api/
  2. cmds/
  3. core/
  4. data/
  5. docs/
  6. drm/
  7. graphics/
  8. include/
  9. keystore/
  10. libs/
  11. location/
  12. media/
  13. native/
  14. nfc-extras/
  15. obex/
  16. opengl/
  17. packages/
  18. policy/
  19. rs/
  20. samples/
  21. sax/
  22. services/
  23. telecomm/
  24. telephony/
  25. test-runner/
  26. tests/
  27. tools/
  28. wifi/
  29. Android.mk
  30. CleanSpec.mk
  31. MODULE_LICENSE_APACHE2
  32. NOTICE
  33. preloaded-classes