Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 33e2c500 authored by Abhijeet Kaur's avatar Abhijeet Kaur
Browse files

Remove legacy WRITE_EXTERNAL_STORAGE permission check for Installers

Bug: 239495492
Test: atest ScopedStorageHostTest#testCheckInstallerAppAccessToObbDirs
Change-Id: Id96c854c0b31e94d367dccd125ad5c14523cdc79
parent c4ecc52f
Loading
Loading
Loading
Loading
+2 −8
Original line number Original line Diff line number Diff line
@@ -19,12 +19,10 @@ package com.android.server;
import static android.Manifest.permission.ACCESS_MTP;
import static android.Manifest.permission.ACCESS_MTP;
import static android.Manifest.permission.INSTALL_PACKAGES;
import static android.Manifest.permission.INSTALL_PACKAGES;
import static android.Manifest.permission.MANAGE_EXTERNAL_STORAGE;
import static android.Manifest.permission.MANAGE_EXTERNAL_STORAGE;
import static android.Manifest.permission.WRITE_EXTERNAL_STORAGE;
import static android.app.AppOpsManager.MODE_ALLOWED;
import static android.app.AppOpsManager.MODE_ALLOWED;
import static android.app.AppOpsManager.OP_LEGACY_STORAGE;
import static android.app.AppOpsManager.OP_LEGACY_STORAGE;
import static android.app.AppOpsManager.OP_MANAGE_EXTERNAL_STORAGE;
import static android.app.AppOpsManager.OP_MANAGE_EXTERNAL_STORAGE;
import static android.app.AppOpsManager.OP_REQUEST_INSTALL_PACKAGES;
import static android.app.AppOpsManager.OP_REQUEST_INSTALL_PACKAGES;
import static android.app.AppOpsManager.OP_WRITE_EXTERNAL_STORAGE;
import static android.app.PendingIntent.FLAG_CANCEL_CURRENT;
import static android.app.PendingIntent.FLAG_CANCEL_CURRENT;
import static android.app.PendingIntent.FLAG_IMMUTABLE;
import static android.app.PendingIntent.FLAG_IMMUTABLE;
import static android.app.PendingIntent.FLAG_ONE_SHOT;
import static android.app.PendingIntent.FLAG_ONE_SHOT;
@@ -4505,11 +4503,7 @@ class StorageManagerService extends IStorageManager.Stub
                }
                }
            }
            }


            // Determine if caller is holding runtime permission
            // We're only willing to give out installer access if they hold
            final boolean hasWrite = StorageManager.checkPermissionAndCheckOp(mContext, false, 0,
                    uid, packageName, WRITE_EXTERNAL_STORAGE, OP_WRITE_EXTERNAL_STORAGE);

            // We're only willing to give out installer access if they also hold
            // runtime permission; this is a firm CDD requirement
            // runtime permission; this is a firm CDD requirement
            final boolean hasInstall = mIPackageManager.checkUidPermission(INSTALL_PACKAGES,
            final boolean hasInstall = mIPackageManager.checkUidPermission(INSTALL_PACKAGES,
                    uid) == PERMISSION_GRANTED;
                    uid) == PERMISSION_GRANTED;
@@ -4525,7 +4519,7 @@ class StorageManagerService extends IStorageManager.Stub
                    break;
                    break;
                }
                }
            }
            }
            if ((hasInstall || hasInstallOp) && hasWrite) {
            if (hasInstall || hasInstallOp) {
                return StorageManager.MOUNT_MODE_EXTERNAL_INSTALLER;
                return StorageManager.MOUNT_MODE_EXTERNAL_INSTALLER;
            }
            }
            return StorageManager.MOUNT_MODE_EXTERNAL_DEFAULT;
            return StorageManager.MOUNT_MODE_EXTERNAL_DEFAULT;