Restrict GnirehtetControlService to privilegied

We want to avoid the VPN to be started or stopped by anyone, so it must require a permission. Since intercepting the whole network traffic is critical, we want a system permission. In addition, we want to call it from shell, so we need an existing system permission granted to shell: <https://github.com/android/platform_frameworks_base/blob/master/packages/Shell/AndroidManifest.xml> From the small permissions set matching these conditions, I chose android.permission.WRITE_SECURE_SETTINGS. Note: The following network-related system permissions granted to shell may sound more appropriate: - android.permission.MANAGE_NETWORK_POLICY - android.permission.CONNECTIVITY_INTERNAL Unfortunately, they were added only recently, so they are not granted to shell for older versions: <aosp-mirror/platform_frameworks_base@6a05eee>
morristech · Mar 26, 2017 · e7b8407 · e7b8407
1 parent d273c09
commit e7b8407
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/app/src/main/AndroidManifest.xml b/app/src/main/AndroidManifest.xml
@@ -13,7 +13,8 @@
         android:theme="@style/AppTheme">
         <service
             android:name="com.genymobile.gnirehtet.GnirehtetControlService"
-            android:exported="true">
+            android:exported="true"
+            android:permission="android.permission.WRITE_SECURE_SETTINGS">
             <intent-filter>
                 <action android:name="com.genymobile.gnirehtet.START" />
                 <action android:name="com.genymobile.gnirehtet.STOP" />