Skip to content

Commit

Permalink
Restrict camera and recording permissions
Browse files Browse the repository at this point in the history
  • Loading branch information
@M66B
M66B committed Aug 5, 2014
1 parent 16890b1 commit 1fb5fdc
Show file tree
Hide file tree
Showing 5 changed files with 34 additions and 17 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@ Changelog
* Renamed *setOutputFile* into *MediaRecorder.start*
* Restructured restriction meta data
* Fixed displaying white list entry state after scrolling ([issue](/../../issues/1850))
* Added restrictions *Camera.permission*, *Record.Audio.permission* and *Record.Video.permission*
* Added Croatian translation
* Updated Slovak translation

Expand Down
1 change: 0 additions & 1 deletion TODO.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,5 @@ Services

* Individual account methods
* Individual package methods
* Revoke CAMERA, RECORD_AUDIO, RECORD_VIDEO
* Revoke BLUETOOTH, NFC, USE_SIP
* Merge XActivityManager and XActivityManagerService
3 changes: 3 additions & 0 deletions res/values/functions.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -179,6 +179,9 @@
<string name="media_android_media_action_IMAGE_CAPTURE" translatable="false"><![CDATA[<a href="https://developer.android.com/reference/android/provider/MediaStore.html#ACTION_IMAGE_CAPTURE">Google documentation</a>]]></string>
<string name="media_android_media_action_IMAGE_CAPTURE_SECURE" translatable="false"><![CDATA[<a href="https://developer.android.com/reference/android/provider/MediaStore.html#ACTION_IMAGE_CAPTURE_SECURE">Google documentation</a>]]></string>
<string name="media_android_media_action_VIDEO_CAPTURE" translatable="false"><![CDATA[<a href="https://developer.android.com/reference/android/provider/MediaStore.html#ACTION_VIDEO_CAPTURE">Google documentation</a>]]></string>
<string name="media_Camera_permission" translatable="false"><![CDATA[<a href="https://developer.android.com/reference/android/Manifest.permission.html#CAMERA">Google documentation</a>]]></string>
<string name="media_Record_Audio_permission" translatable="false"><![CDATA[<a href="https://developer.android.com/reference/android/Manifest.permission.html#RECORD_AUDIO">Google documentation</a>]]></string>
<string name="media_Record_Video_permission" translatable="false"><![CDATA[Will restrict recording of video]]></string>

<!-- messages -->
<string name="messages_getAllMessagesFromIcc" translatable="false"><![CDATA[Will restrict access to messages stored on the SIM card]]></string>
Expand Down
3 changes: 3 additions & 0 deletions src/biz/bokhorst/xprivacy/Meta.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -237,6 +237,9 @@ public static List<Hook> get() {
mListHook.add(new Hook("media", "Camera.startPreview", "CAMERA", 1, "2.2.3", "setPreviewCallback").unsafe().doNotify());
mListHook.add(new Hook("media", "Camera.takePicture", "CAMERA", 1, "2.2.3", "takePicture").unsafe().doNotify());
mListHook.add(new Hook("media", "MediaRecorder.start", "RECORD_AUDIO,RECORD_VIDEO", 1, "2.2.3", "setOutputFile").unsafe().doNotify());
mListHook.add(new Hook("media", "Camera.permission", "CAMERA", 1, "2.2.3", null).noOnDemand().dangerous().doNotify());
mListHook.add(new Hook("media", "Record.Audio.permission", "RECORD_AUDIO", 3, "2.2.3", null).noOnDemand().dangerous().doNotify());
mListHook.add(new Hook("media", "Record.Video.permission", "RECORD_VIDEO", 3, "2.2.3", null).noOnDemand().dangerous().doNotify());

mListHook.add(new Hook("media", MediaStore.ACTION_IMAGE_CAPTURE, "", 3, null, null).doNotify());
mListHook.add(new Hook("media", MediaStore.ACTION_IMAGE_CAPTURE_SECURE, "", 17, null, null).doNotify());
Expand Down
43 changes: 27 additions & 16 deletions src/biz/bokhorst/xprivacy/XPackageManager.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -245,14 +245,15 @@ protected void after(XParam param) throws Throwable {
break;

case checkPermission:
if (!PrivacyManager.getSettingBool(0, PrivacyManager.cSettingPermMan, false))
return;

if (param.args.length > 1 && param.args[0] instanceof String && param.args[1] instanceof String) {
String permName = (String) param.args[0];
String pkgName = (String) param.args[1];
int resultOfCheck = (Integer) param.getResult();

if (resultOfCheck != PackageManager.PERMISSION_GRANTED)
return;

// Get uid
int uid;
if (Build.VERSION.SDK_INT < Build.VERSION_CODES.JELLY_BEAN) {
// PackageInfo getPackageInfo(String packageName, int flags)
Expand All @@ -271,34 +272,44 @@ protected void after(XParam param) throws Throwable {
uid = (Integer) mGetPackageUid.invoke(param.thisObject, pkgName, userId);
}

if (resultOfCheck == PackageManager.PERMISSION_GRANTED) {
permName = permName.replace("android.permission.", "");
if (isRestrictedExtra(uid, getRestrictionName(), getMethodName(), permName))
param.setResult(PackageManager.PERMISSION_DENIED);
}
checkPermission(param, uid, permName);
}
break;

case checkUidPermission:
if (!PrivacyManager.getSettingBool(0, PrivacyManager.cSettingPermMan, false))
return;

if (param.args.length > 1 && param.args[0] instanceof String && param.args[1] instanceof Integer) {
String permName = (String) param.args[0];
int uid = (Integer) param.args[1];
int resultOfCheck = (Integer) param.getResult();

if (resultOfCheck == PackageManager.PERMISSION_GRANTED) {
permName = permName.replace("android.permission.", "");
if (isRestrictedExtra(uid, getRestrictionName(), getMethodName(), permName))
param.setResult(PackageManager.PERMISSION_DENIED);
}
if (resultOfCheck == PackageManager.PERMISSION_GRANTED)
checkPermission(param, uid, permName);
}
break;

}
}

private void checkPermission(XParam param, int uid, String permName) throws Throwable {
if ("android.permission.CAMERA".endsWith(permName))
if (getRestricted(uid, PrivacyManager.cMedia, "Camera.permission"))
param.setResult(PackageManager.PERMISSION_DENIED);

if ("android.permission.RECORD_AUDIO".endsWith(permName))
if (getRestricted(uid, PrivacyManager.cMedia, "Record.Audio.permission"))
param.setResult(PackageManager.PERMISSION_DENIED);

if ("android.permission.RECORD_VIDEO".endsWith(permName))
if (getRestricted(uid, PrivacyManager.cMedia, "Record.Video.permission"))
param.setResult(PackageManager.PERMISSION_DENIED);

if (PrivacyManager.getSettingBool(0, PrivacyManager.cSettingPermMan, false)) {
permName = permName.replace("android.permission.", "");
if (isRestrictedExtra(uid, getRestrictionName(), getMethodName(), permName))
param.setResult(PackageManager.PERMISSION_DENIED);
}
}

private List<ApplicationInfo> filterApplicationInfo(List<ApplicationInfo> original) {
ArrayList<ApplicationInfo> result = new ArrayList<ApplicationInfo>();
for (ApplicationInfo appInfo : original)
Expand Down

0 comments on commit 1fb5fdc

Please sign in to comment.