| author | Jonatan Rhodin <jonatan.rhodin@mullvad.net> | 2024-03-20 13:54:27 +0100 |
|---|---|---|
| committer | Jonatan Rhodin <jonatan.rhodin@mullvad.net> | 2024-03-20 13:54:27 +0100 |
| commit | 7e62d03a4366fb8eaabb13dec354bb0237cd0d08 (patch) | |
| tree | d3f238f677ab1ba18df6eb2e1d3ccba64012c7b8 | |
| parent | 4b4304f57a8236e349654f8841d09e6db1432dc2 (diff) | |
| parent | 17a66923004c77d4f9a01fe2dba28a6cec8273cb (diff) | |
| download | mullvadvpn-7e62d03a4366fb8eaabb13dec354bb0237cd0d08.tar.xz mullvadvpn-7e62d03a4366fb8eaabb13dec354bb0237cd0d08.zip | |
Merge branch 'set-filtertoucheswhenobscured-true-for-the-whole-app-droid-770'
| -rw-r--r-- | CHANGELOG.md | 1 | ||||
| -rw-r--r-- | android/app/src/main/kotlin/net/mullvad/mullvadvpn/ui/MainActivity.kt | 3 | ||||
| -rw-r--r-- | android/config/config.mobsf | 3 |
3 files changed, 4 insertions, 3 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4f0ae72831..1769d9b98f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -57,6 +57,7 @@ Line wrap the file at 100 chars. Th
 ### Security
 #### Android
 - Change from singleTask to singleInstance to fix Task Affinity Vulnerability in Android 8.
+- Add protection against some tapjacking vulnerabilities.
 ## [2024.1-beta2] - 2024-02-19
diff --git a/android/app/src/main/kotlin/net/mullvad/mullvadvpn/ui/MainActivity.kt b/android/app/src/main/kotlin/net/mullvad/mullvadvpn/ui/MainActivity.kt
index c7a9be2ff9..2bfe5d5d9d 100644
--- a/android/app/src/main/kotlin/net/mullvad/mullvadvpn/ui/MainActivity.kt
+++ b/android/app/src/main/kotlin/net/mullvad/mullvadvpn/ui/MainActivity.kt
@@ -65,6 +65,9 @@ class MainActivity : ComponentActivity() {
 setContent { AppTheme { MullvadApp() } }
+ // This is to protect against tapjacking attacks
+ window.decorView.filterTouchesWhenObscured = true
+
 // We use lifecycleScope here to get less start service in background exceptions
 // Se this article for more information:
 // https://medium.com/@lepicekmichal/android-background-service-without-hiccup-501e4479110f
diff --git a/android/config/config.mobsf b/android/config/config.mobsf
index 0b00ae401a..5343cd2db3 100644
--- a/android/config/config.mobsf
+++ b/android/config/config.mobsf
@@ -21,8 +21,5 @@
 # Sensitive screens currently prevent screenshots.
 - android_prevent_screenshot
- # Will be investigate in the externally tracked issue DROID-529.
- - android_tapjacking
-
 # We've currently decided to support Android 8.
 - android_manifest_insecure_minsdk |
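Review bot: In `MainActivity.kt`, the added comment `// This is to protect against tapjacking attacks` does not state the scope of `window.decorView.filterTouchesWhenObscured = true`, and that scope is narrower than the branch name's "for the whole app" suggests. The property is set on this Activity's decor view, so it covers the view tree of this window only; content shown in a separate window (dialogs, popups) would need the same setting, and whether the app has such content is not visible in this hunk. It also drops only touches that arrive flagged as obscured, which the framework sets when another visible window covers the touch location, so an overlay that leaves the tapped point uncovered is not filtered. I would replace the comment with `// Drop touches that arrive while another visible window covers the touch point (tapjacking).` followed by `// Applies to this Activity's window only; dialogs and popups have their own window.` The enclosing function starts and ends outside the hunk.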
