Fake ID fix
This patch fixes the Fake ID vulnerability (bug 13678484).
The bug allows malicious apps to pretend to be signed by trusted providers and be loaded as extensions in several contexts, such as NFC access, browser plugins and others, depending on the device and which extension mechanisms the manufacturer chose to include.
A great explanation of the implications and why the problem occurs can be found on this article by Jeff Forristal from Bluebox.
- Support for Xposed Framework 2.2 (bridge v30) and above
- Support for Gingerbread 2.3.3 and above
- Reduced potential for compatibility issues by patching only the system services but not other apps that might be using a private API