Android: Use more flexible userid when launching browser popup

It was possible for the Hotspot 2.0 case of OSU user interaction to fail
with wpadebug browser due to permission denial in the "start" command
("java.lang.SecurityException: Permission Denial: startActivity asks to
run as user -2 but is calling from user 0; this requires
android.permission.INTERACT_ACROSS_USERS_FULL"). Avoid this by using
more flexible USER_CURRENT_OR_SELF (-3) value with the --user argument.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/src/utils/browser-wpadebug.c b/src/utils/browser-wpadebug.c
index 5fc40fac610e9e7ee7c436f9af504bb1a115daef..59ba4d1e02d86a879282d4e6a152f96e1b03873d 100644 (file)
--- a/src/utils/browser-wpadebug.c
+++ b/src/utils/browser-wpadebug.c
@@ -96,7 +96,7 @@ int hs20_web_browser(const char *url)
 
        if (pid == 0) {
                /* run the external command in the child process */
-               char *argv[12];
+               char *argv[14];
 
                argv[0] = "browser-wpadebug";
                argv[1] = "start";
@@ -109,7 +109,9 @@ int hs20_web_browser(const char *url)
                argv[8] = "-e";
                argv[9] = "w1.fi.wpadebug.URL";
                argv[10] = (void *) url;
-               argv[11] = NULL;
+               argv[11] = "--user";
+               argv[12] = "-3"; /* USER_CURRENT_OR_SELF */
+               argv[13] = NULL;
 
                execv("/system/bin/am", argv);
                wpa_printf(MSG_ERROR, "execv: %s", strerror(errno));