From 012f0762275df7125358e8db352834af60495b43 Mon Sep 17 00:00:00 2001 From: Jeff Sharkey Date: Mon, 31 Oct 2016 14:33:49 -0600 Subject: Public volumes belong to a single user. When a public (vfat) device is inserted, it's strongly associated with the current foreground user, and no other users should be able to access it, since otherwise that would be a cross-user data leak. To use the device under a different user, switch users and then eject/remount the device. Test: verified user isolation of USB drive Bug: 32523490 Change-Id: I590c791996f1fea8d78f625dc942d149f1f41614 (cherry picked from commit 8b38d083c42e2706e1ff5a1410fa61d1f5dea3f5) (cherry picked from commit 47e62b7fe6807a274ba760a8fecfd624fe792da9) --- .../src/com/android/externalstorage/ExternalStorageProvider.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'packages') diff --git a/packages/ExternalStorageProvider/src/com/android/externalstorage/ExternalStorageProvider.java b/packages/ExternalStorageProvider/src/com/android/externalstorage/ExternalStorageProvider.java index 46b73d8..f72832a 100644 --- a/packages/ExternalStorageProvider/src/com/android/externalstorage/ExternalStorageProvider.java +++ b/packages/ExternalStorageProvider/src/com/android/externalstorage/ExternalStorageProvider.java @@ -135,7 +135,8 @@ public class ExternalStorageProvider extends DocumentsProvider { final VolumeInfo privateVol = mStorageManager.findPrivateForEmulated(volume); title = mStorageManager.getBestVolumeDescription(privateVol); } - } else if (volume.getType() == VolumeInfo.TYPE_PUBLIC) { + } else if (volume.getType() == VolumeInfo.TYPE_PUBLIC + && volume.getMountUserId() == userId) { rootId = volume.getFsUuid(); title = mStorageManager.getBestVolumeDescription(volume); } else { -- cgit v1.1