If an app is using a granted permission to respond to a calling app then it must check that the calling app has that permission as well. Otherwise, the responding app may be granting privileges to the calling app that it should not have. (This is sometimes called the "confused deputy" problem.)
The methods Context.checkCallingPermission()
and Context.enforceCallingPermission()
can be used to ensure that the calling app has the correct permissions.
This noncompliant code example shows an app responding to a calling app without first checking the permissions of the calling app.
TBD |
In this compliant solution the permissions of the calling app are checked before the response is sent:
TBD |
Responding to a calling app without checking that it has the appropriate permissions can leak sensitive information.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
DRD14-J | High | Probable | Medium | P12 | L1 |
It is not feasible to automatically detect whether an app's permissions need to be checked before responding to it.
[Android API 2013] | Class Context |