diff --git a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp
index 8aec9013b7fd3b4231035d4aed11190481ef6879..1cc1e4620e4d4dec9d20604ac74771c6aa96d713 100644
--- a/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp
+++ b/interfaces/innerkits/privacy/test/unittest/src/privacy_kit_test.cpp
@@ -2587,10 +2587,9 @@ HWTEST_F(PrivacyKitTest, SetMutePolicyTest001, TestSize.Level1)
  */
 HWTEST_F(PrivacyKitTest, SetMutePolicyTest002, TestSize.Level1)
 {
-    AccessTokenIDEx tokenIdEx = {0};
-    tokenIdEx = AccessTokenKit::AllocHapToken(g_infoParmsD, g_policyPramsD);
-    ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
-    EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx)); // as a system hap without SET_MUTE_POLICY
+    uint32_t tokenId = AccessTokenKit::GetNativeTokenId("accesstoken_service");
+    ASSERT_NE(0, tokenId);
+    EXPECT_EQ(0, SetSelfTokenID(tokenId)); // as a sa without SET_MUTE_POLICY
     ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED,
         PrivacyKit::SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, true, RANDOM_TOKENID));
 }
@@ -2611,6 +2610,22 @@ HWTEST_F(PrivacyKitTest, SetMutePolicyTest003, TestSize.Level1)
         PrivacyKit::SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, true, RANDOM_TOKENID));
 }
 
+/**
+ * @tc.name: SetMutePolicyTest004
+ * @tc.desc: Test SetMutePolicy with not permission
+ * @tc.type: FUNC
+ * @tc.require:
+ */
+HWTEST_F(PrivacyKitTest, SetMutePolicyTest004, TestSize.Level1)
+{
+    AccessTokenIDEx tokenIdEx = {0};
+    tokenIdEx = AccessTokenKit::AllocHapToken(g_infoParmsD, g_policyPramsD);
+    ASSERT_NE(INVALID_TOKENID, tokenIdEx.tokenIDEx);
+    EXPECT_EQ(0, SetSelfTokenID(tokenIdEx.tokenIDEx)); // as a system hap
+    ASSERT_EQ(PrivacyError::ERR_PERMISSION_DENIED,
+        PrivacyKit::SetMutePolicy(PolicyType::EDM, CallerType::MICROPHONE, true, RANDOM_TOKENID));
+}
+
 /**
  * @tc.name: IsAllowedUsingPermission011
  * @tc.desc: IsAllowedUsingPermission with valid tokenId.
diff --git a/services/privacymanager/src/service/privacy_manager_stub.cpp b/services/privacymanager/src/service/privacy_manager_stub.cpp
index 2f16edfa53afbd245c261dfeb513d26bebe25d75..acf09773575a3cb8fdd78b9fd7d27d617d67a396 100644
--- a/services/privacymanager/src/service/privacy_manager_stub.cpp
+++ b/services/privacymanager/src/service/privacy_manager_stub.cpp
@@ -506,6 +506,13 @@ void PrivacyManagerStub::GetPermissionUsedTypeInfosInner(MessageParcel& data, Me
 
 void PrivacyManagerStub::SetMutePolicyInner(MessageParcel& data, MessageParcel& reply)
 {
+    AccessTokenID callingTokenID = IPCSkeleton::GetCallingTokenID();
+    if ((AccessTokenKit::GetTokenTypeFlag(callingTokenID) != TOKEN_NATIVE) &&
+        (AccessTokenKit::GetTokenTypeFlag(callingTokenID) != TOKEN_SHELL)) {
+        reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED);
+        return;
+    }
+
     if (!VerifyPermission(SET_MUTE_POLICY)) {
         reply.WriteInt32(PrivacyError::ERR_PERMISSION_DENIED);
         return;