Google Git
Sign in
android / platform / packages / apps / PackageInstaller / 888a1d7ca67aac9864a695510cd0ab86f3faed54^! / .
commit888a1d7ca67aac9864a695510cd0ab86f3faed54[log] [tgz]
authorChristopher Dombroski <cdombroski@google.com>Tue Apr 16 13:18:58 2019 -0700
committerhamzeh <hamzeh@google.com>Fri May 10 15:55:54 2019 -0700
tree1378c4260e1a3da9dfc69585a87f8a1899ca6c2c
parentf4186c33b2ff2729c58f328519e07383edf3f0cf [diff]
[RESTRICT AUTOMERGE]: OP_REQUEST_INSTALL_PACKAGES denied by default

Some system apps may download unknown content and the user should
be explicitly asked whether they trust these files. System apps should
explicitly use the extra NOT_UNKNOWN_SOURCE to bypass this check.

Test: Builds, boots, existing tests pass:
atest CtsPackageInstallTestCases

Locally verified they pass if CtsPackageInstallTestCases.apk was signed by
the platform cert.

Bug: 123700348
Change-Id: I962217e8736f1f62e91fd968ba7dc7fda46d67db
(cherry picked from commit 217f31fb5da6a08b2172d292fa5b8f440c02ae3a)

diff --git a/src/com/android/packageinstaller/PackageInstallerActivity.java b/src/com/android/packageinstaller/PackageInstallerActivity.java
index 48f2f90..0f41c98 100644
--- a/src/com/android/packageinstaller/PackageInstallerActivity.java
+++ b/src/com/android/packageinstaller/PackageInstallerActivity.java

@@ -40,7 +40,6 @@
 import android.os.Build;
 import android.os.Bundle;
 import android.os.Process;
-import android.os.RemoteException;
 import android.os.UserManager;
 import android.provider.Settings;
 import android.support.annotation.NonNull;
@@ -521,16 +520,6 @@
                 mOriginatingUid, mOriginatingPackage);
         switch (appOpMode) {
             case AppOpsManager.MODE_DEFAULT:
-                try {
-                    int result = mIpm.checkUidPermission(
-                            Manifest.permission.REQUEST_INSTALL_PACKAGES, mOriginatingUid);
-                    if (result == PackageManager.PERMISSION_GRANTED) {
-                        initiateInstall();
-                        break;
-                    }
-                } catch (RemoteException exc) {
-                    Log.e(TAG, "Unable to talk to package manager");
-                }
                 mAppOpsManager.setMode(AppOpsManager.OP_REQUEST_INSTALL_PACKAGES, mOriginatingUid,
                         mOriginatingPackage, AppOpsManager.MODE_ERRORED);
                 // fall through