Add unaudited exported flag to exposed runtime receivers

Android T allows apps to declare a runtime receiver as not exported by invoking registerReceiver with a new RECEIVER_NOT_EXPORTED flag; receivers registered with this flag will only receive broadcasts from the platform and the app itself. However to ensure developers can properly protect their receivers, all apps targeting U or later registering a receiver for non-system broadcasts must specify either the exported or not exported flag when invoking #registerReceiver; if one of these flags is not provided, the platform will throw a SecurityException. This commit updates all the exposed receivers with a new RECEIVER_EXPORTED_UNAUDITED flag to maintain the existing behavior of exporting the receiver while also flagging the receiver for audit before the U release. Bug: 234659204 Test: Build Change-Id: I8fbcf69575d829f26e02d661498d69f5fc8740d0
2022-10-04 17:20:37 -05:00
parent c6c8515d00
commit 6ce57b67fb
7 changed files with 14 additions and 7 deletions
--- a/src/com/android/settings/network/CarrierConfigCache.java
+++ b/src/com/android/settings/network/CarrierConfigCache.java
@@ -86,7 +86,8 @@ public class CarrierConfigCache {
            final CarrierConfigChangeReceiver receiver = new CarrierConfigChangeReceiver();
            final Context appContext = context.getApplicationContext();
            sCarrierConfigManager = appContext.getSystemService(CarrierConfigManager.class);
-            appContext.registerReceiver(receiver, new IntentFilter(ACTION_CARRIER_CONFIG_CHANGED));
+            appContext.registerReceiver(receiver, new IntentFilter(ACTION_CARRIER_CONFIG_CHANGED),
+                    Context.RECEIVER_EXPORTED/*UNAUDITED*/);
            return sInstance;
        }
    }