Snap for 5892339 from bf7f92fea23ff6bc3772c5a8d3db592194cee11d to qt-qpr1-release Change-Id: I9b1276ff162b05d78de49be646ae3ec3df7a0c33

commit: 0cab721e085f13f585a03269ec201806dab0bb80 [log] [tgz]
author: android-build-team Robot <android-build-team-robot@google.com> Sat Sep 21 23:20:54 2019 +0000
committer: android-build-team Robot <android-build-team-robot@google.com> Sat Sep 21 23:20:54 2019 +0000
tree: 2185a58e8ec20e50d4817e460ff26f21a8d9d1cf
parent: f148f3fc5499be209ad2b242f580e161bf1b9671 [diff]
parent: bf7f92fea23ff6bc3772c5a8d3db592194cee11d [diff]
diff --git a/src/com/android/se/security/AccessControlEnforcer.java b/src/com/android/se/security/AccessControlEnforcer.java
index 22b82f0..79252bd 100644
--- a/src/com/android/se/security/AccessControlEnforcer.java
+++ b/src/com/android/se/security/AccessControlEnforcer.java

@@ -488,9 +488,8 @@
             }
         }
         if (!mTerminal.getName().startsWith(SecureElementService.UICC_TERMINAL)) {
-            // It shall be allowed to grant full access if no rule can be retrieved
-            // from the secure element except for UICC.
-            mFullAccess = true;
+            // Deny full access for eSE if no rule can be retrieved because of security concern
+            mFullAccess = false;
             // ARF is supported only on UICC.
             mUseArf = false;
         }
commit	0cab721e085f13f585a03269ec201806dab0bb80	[log] [tgz]
author	android-build-team Robot <android-build-team-robot@google.com>	Sat Sep 21 23:20:54 2019 +0000
committer	android-build-team Robot <android-build-team-robot@google.com>	Sat Sep 21 23:20:54 2019 +0000
tree	2185a58e8ec20e50d4817e460ff26f21a8d9d1cf
parent	f148f3fc5499be209ad2b242f580e161bf1b9671 [diff]
parent	bf7f92fea23ff6bc3772c5a8d3db592194cee11d [diff]