Only crop photos owned by Settings.
A recent security change locks down the ability for the system UID to issue Uri permission grants. This helps mitigate an entire class of confused deputy security issues. However, Settings (which runs as the system UID) was still relying on issuing Uri permission grants to the photo cropper. The simplest way to keep that working is to add the "com.android.settings.files" authority to a whitelist, and only request cropping of Uris from that location. This means that if the GET_CONTENT decides to return a Uri (instead of streaming it into mTakePictureUri), then we need to copy it ourselves locally before we can send it along to the cropper. Test: builds, boots, both take/choose photos work Bug: 33019296, 35158271 Change-Id: I2541c33e8d9452357cb9fc2e021ca74d5a43d5ff
Loading
Please register or sign in to comment