New policy: AOSP conducts rigorous review of external code contributions

According to news on September 19, the Android Open Source Project (AOSP) is taking new measures to strengthen code review of external contributors to improve the security and quality of the Android system. According to AOSP's latest policy, all external changes to AOSP need to be reviewed and approved by two Google reviewers. This measure is designed to prevent potential security holes and bugs from entering the AOSP code base to ensure user privacy and data security.

Android expert Mishaal Rahman pointed out that this review process is not to limit who can submit code to AOSP, but to ensure the quality and security of the code. At the same time, non-Google employees are not blacklisted from contributions and can still submit code to AOSP. The purpose of the review is to ensure that each external contribution is carefully reviewed to filter out the most beneficial parts and reduce potential security issues.

1. According to the editor’s understanding, this new policy may significantly reduce some vulnerability-related problems that the Android system has faced in the past.

2. Some vulnerabilities have been exploited by hackers in the past, such as the one that allowed bypassing the Android lock screen.
3. However, Google’s bug bounty program has played an active role in the discovery and reporting of security vulnerabilities, encouraging white hat hackers to contribute to the security of the Android system.
4. This program has paid out millions of dollars in rewards to help improve Android system security.

The above is the detailed content of New policy: AOSP conducts rigorous review of external code contributions. For more information, please follow other related articles on the PHP Chinese website!