Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 87a5616161a2dc2f629bac719f2c27c3349fec1a
commit87a5616161a2dc2f629bac719f2c27c3349fec1a[log] [tgz]
authorJeff Sharkey <jsharkey@android.com>Thu Jan 24 17:17:44 2019 -0700
committerJeff Sharkey <jsharkey@android.com>Thu Jan 24 17:17:46 2019 -0700
tree2b71c53e708a964482844c0b17c542d2d54cb5a8
parentc1b889d2614068ae5bfc9e874c26b3d04c0802fd [diff]
Verify permissions are only held by media stack.

The WRITE_MEDIA_STORAGE permission is a very powerful permission that
grants raw storage access to all devices, and as such it's only
appropriate to be granted to the media stack. Any apps with a
user-visible component (such as Camera or Gallery apps) must go
through public MediaStore APIs, to ensure that users have meaningful
permission controls.

For example, if the end user revokes the "Music" permission from an
app, but that app still has raw access to music via
WRITE_MEDIA_STORAGE, that would be a privacy incident.

Bug: 118402224
Test: atest android.permission.cts.ProviderPermissionTest
Change-Id: Iaf649689ff9e6d4eabbdb242852c179500654b56
2 files changed
tree: 2b71c53e708a964482844c0b17c542d2d54cb5a8
  1. apct-tests/
  2. api/
  3. cmds/
  4. config/
  5. core/
  6. data/
  7. docs/
  8. drm/
  9. graphics/
  10. keystore/
  11. libs/
  12. location/
  13. lowpan/
  14. media/
  15. native/
  16. nfc-extras/
  17. obex/
  18. opengl/
  19. packages/
  20. proto/
  21. rs/
  22. samples/
  23. sax/
  24. services/
  25. startop/
  26. telecomm/
  27. telephony/
  28. test-base/
  29. test-legacy/
  30. test-mock/
  31. test-runner/
  32. tests/
  33. tools/
  34. wifi/
  35. .gitignore
  36. Android.bp
  37. Android.mk
  38. CleanSpec.mk
  39. jarjar_rules_hidl.txt
  40. MODULE_LICENSE_APACHE2
  41. NOTICE
  42. pathmap.mk
  43. PREUPLOAD.cfg