Specify permissions for context-registered broadcast receivers

[aksmet]

PR Type

What kind of change does this PR introduce?

• [ ] Bugfix
• [ ] Feature
• [ ] Code style update (formatting, local variables)
• [ ] Refactoring (no functional changes, no api changes)
• [ ] Documentation changes
• [x] Other... Please describe:

PR Checklist

For bug fixes / features, please check if your PR fulfills the following requirements:

• [x] Testing has been carried out for the changes have been added
• [x] Regression testing has been carried out for existing functionality
• [x] Docs have been added / updated

What is the purpose of this PR?

When this plugin is scanned by NowSecure, the following is reported:

Android apps can dynamically register broadcast receivers and specify permissions to restrict access to them. Broadcast receivers that are registered without specifying any permissions can potentially leak sensitive info to all other applications on the device. This test detects any context-registered broadcast receivers that have not been protected with permissions.

Link to relevant CWE: https://cwe.mitre.org/data/definitions/925.html

To remedy this, permissions have to be defined for the broadcast receivers registered by the Bluetooth, Location, and NFC components.

Does this PR introduce a breaking change?

• [ ] Yes
• [x] No

What testing has been done on the changes in the PR?

What testing has been done on existing functionality?

Other information

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.