Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit d29c6aed authored by Jeff Sharkey's avatar Jeff Sharkey
Browse files

Only crop photos owned by Settings.

A recent security change locks down the ability for the system UID to
issue Uri permission grants.  This helps mitigate an entire class of
confused deputy security issues.

However, Settings (which runs as the system UID) was still relying on
issuing Uri permission grants to the photo cropper.  The simplest way
to keep that working is to add the "com.android.settings.files"
authority to a whitelist, and only request cropping of Uris from that
location.

This means that if the GET_CONTENT decides to return a Uri (instead
of streaming it into mTakePictureUri), then we need to copy it
ourselves locally before we can send it along to the cropper.

Test: builds, boots, both take/choose photos work
Bug: 33019296, 35158271
Change-Id: I2541c33e8d9452357cb9fc2e021ca74d5a43d5ff
parent 72c7a831
Loading
Loading
Loading
Loading
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment