Description
The Dart VM has a flag --disable-service-auth-codes, which it documents as:
"--disable-service-auth-codes\n"
" Disables the requirement for an authentication code to communicate with\n"
" the VM service. Authentication codes help protect against CSRF attacks,\n"
" so it is not recommended to disable them unless behind a firewall on a\n"
" secure device.\n"
This seems like a security sensitive flag. However, it seems like we allow any Android app to send an Intent and set this flag:
From flutter/engine#8527, it sounds like this was just a transitional flag added in the process of adding and enabling auth codes. It looks like those steps at least have been completed.
What else needs to be done before this flag can be removed? I noticed "disable-service-auth-codes" appears a bunch of times still within the flutter/flutter repo, so I'm guessing there's still some blocking work.
If removing it outright isn't a near term option because of backwards compatibility, can we at least restrict its usability to debug builds or something?
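A sketch of the debug-only gating proposed above, added here as an example and not the Flutter engine's own code: a hypothetical helper that turns Intent extras into VM flags but forwards the CSRF-protection-disabling flag only when the host app itself is debuggable. The helper name and the extra name are assumptions; the Android APIs (`Intent.getBooleanExtra`, `ApplicationInfo.FLAG_DEBUGGABLE`) are real.

```java
import android.content.Context;
import android.content.Intent;
import android.content.pm.ApplicationInfo;
import android.util.Log;

import java.util.ArrayList;
import java.util.List;

/** Hypothetical helper; not part of the Flutter engine. */
public final class VmFlagGate {
    private static final String TAG = "VmFlagGate";
    // Assumed Intent extra name, mirroring the VM flag under discussion.
    private static final String EXTRA_DISABLE_AUTH_CODES = "disable-service-auth-codes";

    private VmFlagGate() {}

    /** True only when the APK was built with android:debuggable="true". */
    static boolean isDebuggable(Context context) {
        ApplicationInfo info = context.getApplicationInfo();
        return (info.flags & ApplicationInfo.FLAG_DEBUGGABLE) != 0;
    }

    /**
     * Builds the VM flag list from the launching Intent. Any app can send the
     * extra, so the flag that removes the VM-service auth-code requirement is
     * honored only for debuggable builds; release builds log and ignore it.
     */
    public static List<String> vmFlagsFromIntent(Context context, Intent intent) {
        List<String> flags = new ArrayList<>();
        boolean requested = intent != null
                && intent.getBooleanExtra(EXTRA_DISABLE_AUTH_CODES, false);
        if (!requested) {
            return flags;
        }
        if (isDebuggable(context)) {
            flags.add("--" + EXTRA_DISABLE_AUTH_CODES);
        } else {
            // Release build: refuse to weaken VM-service CSRF protection.
            Log.w(TAG, "Ignoring " + EXTRA_DISABLE_AUTH_CODES
                    + " extra: only honored in debuggable builds");
        }
        return flags;
    }
}
```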