diff options
| author | Jeff Sharkey <jsharkey@android.com> | 2015-07-06 09:45:55 -0700 |
|---|---|---|
| committer | Jeff Sharkey <jsharkey@android.com> | 2015-07-06 10:54:28 -0700 |
| commit | 32e80d7588720bdc9f8a3e961ac4566d7c80b2b9 (patch) | |
| tree | f973bf150361de86acd613b0b597a7043e6ee3bc /services/core/java | |
| parent | 1f6c9a12149040f7980a45cc6a6518bbb1d6cc7c (diff) | |
| download | frameworks_base-32e80d7588720bdc9f8a3e961ac4566d7c80b2b9.zip frameworks_base-32e80d7588720bdc9f8a3e961ac4566d7c80b2b9.tar.gz frameworks_base-32e80d7588720bdc9f8a3e961ac4566d7c80b2b9.tar.bz2 | |
Permission to view shared storage for all users.
Typical apps are restricted so they can only view shared storage
belonging to the user they're running as. However, a handful of
system components need access to shared storage across all users,
such as DefaultContainerService and SystemUI.
Since WRITE_MEDIA_STORAGE already offers this functionality by
bypassing any FUSE emulation, reuse it to grant the "sdcard_rw" GID
which is no longer handed out to third-party apps. Then we change
the FUSE daemon to allow the "sdcard_rw" GID to see shared storage
of all users.
Bug: 19995822
Change-Id: I504c2a179ba74f142ed0d32da5baa69f4212cd82
Diffstat (limited to 'services/core/java')
| -rw-r--r-- | services/core/java/com/android/server/pm/PackageManagerService.java | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java index 9a11397..9d35254 100644 --- a/services/core/java/com/android/server/pm/PackageManagerService.java +++ b/services/core/java/com/android/server/pm/PackageManagerService.java @@ -19,6 +19,7 @@ package com.android.server.pm; import static android.Manifest.permission.GRANT_REVOKE_PERMISSIONS; import static android.Manifest.permission.READ_EXTERNAL_STORAGE; import static android.Manifest.permission.WRITE_EXTERNAL_STORAGE; +import static android.Manifest.permission.WRITE_MEDIA_STORAGE; import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_DEFAULT; import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_DISABLED; import static android.content.pm.PackageManager.COMPONENT_ENABLED_STATE_DISABLED_UNTIL_USED; @@ -2679,7 +2680,9 @@ public class PackageManagerService extends IPackageManager.Stub { if (Process.isIsolated(uid)) { return Zygote.MOUNT_EXTERNAL_NONE; } else { - if (checkUidPermission(WRITE_EXTERNAL_STORAGE, uid) == PERMISSION_GRANTED) { + if (checkUidPermission(WRITE_MEDIA_STORAGE, uid) == PERMISSION_GRANTED) { + return Zygote.MOUNT_EXTERNAL_DEFAULT; + } else if (checkUidPermission(WRITE_EXTERNAL_STORAGE, uid) == PERMISSION_GRANTED) { return Zygote.MOUNT_EXTERNAL_WRITE; } else if (checkUidPermission(READ_EXTERNAL_STORAGE, uid) == PERMISSION_GRANTED) { return Zygote.MOUNT_EXTERNAL_READ; |