Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit b324c257 authored by TreeHugger Robot's avatar TreeHugger Robot Committed by Android (Google) Code Review
Browse files

Merge "No direct Uri grants from system."

parents 10dd6979 646dde0a
Loading
Loading
Loading
Loading
+15 −7
Original line number Diff line number Diff line
@@ -8537,7 +8537,16 @@ public class ActivityManagerService extends IActivityManager.Stub
        // Third...  does the caller itself have permission to access
        // this uri?
        if (UserHandle.getAppId(callingUid) != Process.SYSTEM_UID) {
        final int callingAppId = UserHandle.getAppId(callingUid);
        if ((callingAppId == Process.SYSTEM_UID) || (callingAppId == Process.ROOT_UID)) {
            if ("com.android.settings.files".equals(grantUri.uri.getAuthority())) {
                // Exempted authority for cropping user photos in Settings app
            } else {
                Slog.w(TAG, "For security reasons, the system cannot issue a Uri permission"
                        + " grant to " + grantUri + "; use startActivityAsCaller() instead");
                return -1;
            }
        }
        if (!checkHoldingPermissionsLocked(pm, pi, grantUri, callingUid, modeFlags)) {
            // Require they hold a strong enough Uri permission
            if (!checkUriPermissionLocked(grantUri, callingUid, modeFlags)) {
@@ -8545,7 +8554,6 @@ public class ActivityManagerService extends IActivityManager.Stub
                        + " does not have permission to uri " + grantUri);
            }
        }
        }
        return targetUid;
    }