Fix security vulnerability when register phone accounts.
Currently if the registered self-managed phone account updated to a call
provider phone account, the enable state will be directly copied to the
updated one so that malicious app can perform call spoofing attack
without any permission requirements. Fix this by disallowing change a
self-managed phone account to a managed phone account.
(cherry picked from commit ce3216cbde1a2f0a7912f027aeb0c30316613116)
1 file changed