Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 614f9606 authored by Oli Lan's avatar Oli Lan Committed by Android Build Coastguard Worker
Browse files

Prevent exfiltration of system files via user image settings. 

This is a backport of ag/17005706.

This adds mitigations to prevent system files being exfiltrated
via the settings content provider when a content URI is provided
as a chosen user image.

The mitigations are:

1) Copy the image to a new URI rather than the existing takePictureUri
prior to cropping.

2) Only allow a system handler to respond to the CROP intent.

Bug: 187702830
Test: build and check functionality
Merged-In: Idf1ab60878d619ee30505d71e8afe31d8b0c0ebe
Change-Id: Ieee3f2d8057e648bde52a91463d517abb47f37eb
(cherry picked from commit bfb1cd5f)
Merged-In: Ieee3f2d8057e648bde52a91463d517abb47f37eb
parent f11d5b6e
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment