Revert "Don't allow permission change to runtime"
This reverts commit 0f929c53201264da0ae908e349c904f2fa930e29.
Change-Id: I1b86461e352a6a2cf3d32748e06c7d5806937667
(cherry picked from commit 5b95d07725b629272f202993f3620a7b0f1dd6fb)
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index b5a7c69..ec4b7eb 100644
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -15611,27 +15611,6 @@
return;
}
- // Prevent apps to change permission protection level to dangerous
- // from any other type as this would allow a privilege escalation
- // where an app adds a normal/signature permission in other app's
- // group and later redefines it as dangerous leading to the group
- // auto-grant.
- final int permissionCount = pkg.permissions.size();
- for (int i = 0; i < permissionCount; i++) {
- PackageParser.Permission permission = pkg.permissions.get(i);
- if ((permission.info.protectionLevel & PermissionInfo.PROTECTION_MASK_BASE)
- == PermissionInfo.PROTECTION_DANGEROUS) {
- BasePermission bp = mSettings.mPermissions.get(permission.info.name);
- if (bp != null && !bp.isRuntime()) {
- res.setError(PackageManager.INSTALL_PARSE_FAILED_BAD_MANIFEST,
- "Package " + pkg.packageName + " trying to change a "
- + "non-runtime permission " + permission.info.name
- + " to runtime.");
- return;
- }
- }
- }
-
// Prevent installing of child packages
if (oldPackage.parentPackage != null) {
res.setError(PackageManager.INSTALL_PARSE_FAILED_BAD_PACKAGE_NAME,
