Ensure pkg uid matches provided uid for device phone number check
An app on the device is able to directly interact with any of the
services that accepts a package name and can return a protected
device resource (phone number or identifier). The app is then able
to pass the name of another package targeting pre-R and determine
whether the app is installed on the device based on whether the
service method throws an Exception or not. While the app is able
to pass another package's name to the service method, the service
method will still use Binder#getCallingUid for the check. To prevent
leaking information about packages installed on the device, this
commit adds an additional check to verify the provided uid matches
that of the package; if not, a SecurityException is thrown that
only contains the provided package name, along with the uid / pid
of the calling app.
Bug: 193441322
Bug: 193445182
Test: atest LegacyPermissionManagerServiceTest
Change-Id: If9353b7cb697bd78ab18775aee7723e984d3c1db
2 files changed
