The Settings app offers several Bluetooth intents, and they need to
be updated to enforce the new "Nearby devices" runtime permission
model, since the old BLUETOOTH and BLUETOOTH_ADMIN permissions have
been deprecated.
Bug: 191174082
Test: TH
Change-Id: I0d812f486bc3dadc517d5b04d3082d4f56f60ef4
BluetoothPermissionActivity and DevicePickerFragment will send
broadcast to return the result to calling apps. As this broadcast
intent is from Settings with uid 1000, it will be sent to any
protected BroadcastReceivers in the device. It can make an attacker
send broadcast to protected BroadcastReceivers like factory reset intent
(android/com.android.server.MasterClearReceiver) via
BluetoothPermissionActivity or DevicePickerFragment.
This CL will not allow to set package name and class name to avoid
the attacker.
Bug: 179386960
Bug: 179386068
Test: make -j42 RunSettingsRoboTests and use test apk to manually test
to verify factory reset not started and no system UI notification.
Change-Id: Id27a78091ab578077853b8fbb97a4422cff0a158
This reverts commit 9d00364da4.
Reason for revert: This fix have a regression, for not blocking b/183344112 revert it.
Change-Id: Ic4366b51e07b43c8d64d2e145563d8a30cb0fc60
BluetoothPermissionActivity and DevicePickerFragment will send
broadcast to return the result to calling apps. As this broadcast
intent is from Settings with uid 1000, it will be sent to any
protected BroadcastReceivers in the device. It can make an attacker
send broadcast to protected BroadcastReceivers like factory reset intent
(android/com.android.server.MasterClearReceiver) via
BluetoothPermissionActivity or DevicePickerFragment.
This CL will compare to calling package name with launch package name.
If they are not equal, the broadcast will not send to launch package name.
Bug: 179386960
Bug: 179386068
Test: make -j42 RunSettingsRoboTests and use test apk to manually test
to verify factory reset not started and no system UI notification.
Change-Id: Ib8a5acde663e875912d300dd4912c4e9416f02f1
