Snap for 5892339 from bf7f92fea23ff6bc3772c5a8d3db592194cee11d to qt-qpr1-release
Change-Id: I9b1276ff162b05d78de49be646ae3ec3df7a0c33
diff --git a/src/com/android/se/security/AccessControlEnforcer.java b/src/com/android/se/security/AccessControlEnforcer.java
index 22b82f0..79252bd 100644
--- a/src/com/android/se/security/AccessControlEnforcer.java
+++ b/src/com/android/se/security/AccessControlEnforcer.java
@@ -488,9 +488,8 @@
}
}
if (!mTerminal.getName().startsWith(SecureElementService.UICC_TERMINAL)) {
- // It shall be allowed to grant full access if no rule can be retrieved
- // from the secure element except for UICC.
- mFullAccess = true;
+ // Deny full access for eSE if no rule can be retrieved because of security concern
+ mFullAccess = false;
// ARF is supported only on UICC.
mUseArf = false;
}