diff options
author | Jeff Sharkey <jsharkey@android.com> | 2015-07-06 09:45:55 -0700 |
---|---|---|
committer | Jeff Sharkey <jsharkey@android.com> | 2015-07-06 10:54:28 -0700 |
commit | 32e80d7588720bdc9f8a3e961ac4566d7c80b2b9 (patch) | |
tree | f973bf150361de86acd613b0b597a7043e6ee3bc /packages | |
parent | 1f6c9a12149040f7980a45cc6a6518bbb1d6cc7c (diff) | |
download | frameworks_base-32e80d7588720bdc9f8a3e961ac4566d7c80b2b9.zip frameworks_base-32e80d7588720bdc9f8a3e961ac4566d7c80b2b9.tar.gz frameworks_base-32e80d7588720bdc9f8a3e961ac4566d7c80b2b9.tar.bz2 |
Permission to view shared storage for all users.
Typical apps are restricted so they can only view shared storage
belonging to the user they're running as. However, a handful of
system components need access to shared storage across all users,
such as DefaultContainerService and SystemUI.
Since WRITE_MEDIA_STORAGE already offers this functionality by
bypassing any FUSE emulation, reuse it to grant the "sdcard_rw" GID
which is no longer handed out to third-party apps. Then we change
the FUSE daemon to allow the "sdcard_rw" GID to see shared storage
of all users.
Bug: 19995822
Change-Id: I504c2a179ba74f142ed0d32da5baa69f4212cd82
Diffstat (limited to 'packages')
-rw-r--r-- | packages/DefaultContainerService/AndroidManifest.xml | 4 | ||||
-rw-r--r-- | packages/SystemUI/AndroidManifest.xml | 3 |
2 files changed, 4 insertions, 3 deletions
diff --git a/packages/DefaultContainerService/AndroidManifest.xml b/packages/DefaultContainerService/AndroidManifest.xml index 14777a9..6a72d83 100644 --- a/packages/DefaultContainerService/AndroidManifest.xml +++ b/packages/DefaultContainerService/AndroidManifest.xml @@ -5,10 +5,10 @@ <uses-permission android:name="android.permission.ASEC_DESTROY"/> <uses-permission android:name="android.permission.ASEC_MOUNT_UNMOUNT"/> <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" /> - <!-- Used to improve MeasureUtils performance on emulated storage --> + <!-- Used to improve MeasureUtils performance on emulated storage, and to + view storage for all users --> <uses-permission android:name="android.permission.WRITE_MEDIA_STORAGE" /> <uses-permission android:name="android.permission.ACCESS_CACHE_FILESYSTEM" /> - <uses-permission android:name="android.permission.ACCESS_ALL_EXTERNAL_STORAGE" /> <application android:label="@string/service_name" android:allowBackup="false"> diff --git a/packages/SystemUI/AndroidManifest.xml b/packages/SystemUI/AndroidManifest.xml index 7c56d63..ea032b3 100644 --- a/packages/SystemUI/AndroidManifest.xml +++ b/packages/SystemUI/AndroidManifest.xml @@ -25,7 +25,8 @@ <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" /> <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" /> <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" /> - <uses-permission android:name="android.permission.ACCESS_ALL_EXTERNAL_STORAGE" /> + <!-- Used to read storage for all users --> + <uses-permission android:name="android.permission.WRITE_MEDIA_STORAGE" /> <uses-permission android:name="android.permission.WAKE_LOCK" /> <uses-permission android:name="android.permission.INJECT_EVENTS" /> |