Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit f233a7b8 authored by Nicolas Prevot's avatar Nicolas Prevot Committed by Jessica Hummel
Browse files

Correcting a bug related to Uri permissions. 

Making sure that an app cannot hold a permission for a uri on another user.
We were allowing apps to hold permissions for a different user, which should not be the case for privacy reasons (an app could just access apps on another profile)

As a consequence some of the cross profile share intents were not working because a check for the permission returned true so we did not separately grant permissions for uris. Granting permission for uris is required for accessing the content providers across users.

BUG: 15559256

Change-Id: I70765eb659151ce0c5af06075a844143c09429e8
(cherry picked from commit e55e0a1741b9258af77e23e16aa95a6d9e6a5c6f)
parent bbd2909d

services/core/java/com/android/server/am/ActivityManagerService.java

+3 −0
Original line number Diff line number Diff line
@@ -6030,6 +6030,9 @@ public final class ActivityManagerService extends ActivityManagerNative 
            IPackageManager pm, ProviderInfo pi, GrantUri grantUri, int uid, final int modeFlags) {

        if (DEBUG_URI_PERMISSION) Slog.v(TAG,

                "checkHoldingPermissionsLocked: uri=" + grantUri + " uid=" + uid);

        if (UserHandle.getUserId(uid) != grantUri.sourceUserId) {

            return false;

        }















        if (pi.applicationInfo.uid == uid) {















            return true;