Google Git
Sign in
android / platform / compatibility / cdd / dc08584^! / .
commitdc08584020fa898bc2ed322361202516c64a1832[log] [tgz]
authorNandana Dutt <nandana@google.com>Mon May 18 10:36:21 2020 +0000
committerGina Dimino <gdimino@google.com>Tue Aug 11 19:51:37 2020 +0000
treea6739cdc43c7d31ecc4c1e640da96441904895cb
parentca55e5cc150f37d34ebf4fa37519d6a6e321dd09 [diff]
CDD: Changes related to Scoped Storage

* Dropped references to WRITE_EXTERNAL_STORAGE and
  WRITE_MEDIA_STORAGE permissions as the permission
  WRITE_EXTERNAL_STORAGE is a no-op for apps targeting Android R.
  Also the privileged permission WRITE_MEDA_STORAGE is deprecated
  in Android R.
* Scoped storage is enforced only by target SDK but the flag
  requestLegacyExternalStorage is not a way to opt out when targeting
  Android R.
* We no longer need text to emphasize how apps can access SD cards,
  this is enforced in the SDK
* Raw file path access now allowed as privacy rules are enforced 
  behind the scenes

BUG: 144375132
Change-Id: I292426ee55ecb395dcdbcc3f840d8c9bc5e7a6fc

diff --git a/7_hardware-compatibility/7_6_memory-and-storage.md b/7_hardware-compatibility/7_6_memory-and-storage.md
index b3f4a41..4fb2645 100644
--- a/7_hardware-compatibility/7_6_memory-and-storage.md
+++ b/7_hardware-compatibility/7_6_memory-and-storage.md

@@ -24,30 +24,12 @@
 *   [C-0-3] MUST mount the application shared storage directly on the Linux path
     `sdcard` or include a Linux symbolic link from `sdcard` to the actual mount
     point.
-*   [C-0-4] MUST enforce the `android.permission.WRITE_EXTERNAL_STORAGE`
-    permission on this shared storage as documented in the SDK.
-*   [C-0-5] MUST enable [scoped storage](
+*   [C-0-4] MUST enable [scoped storage](
     https://developer.android.com/privacy/scoped-storage) by default for all
-    apps targeting API level 29 or above, except in the following situations:
-    *   when the app was installed before the device upgraded to API level 29,
-        regardless of the target API of the app.
-    *   when the app has requested `android:requestLegacyExternalStorage="true"`
+    apps targeting API level 29 or above, except in the following situation:
+    *   When the app has requested `android:requestLegacyExternalStorage="true"`
         in their manifest.
-    *   when the app is granted the `android.permission.WRITE_MEDIA_STORAGE`
-        permission.
-*   [C-0-6] MUST enforce that apps with scoped storage enabled have no direct
-    filesystem access to files outside of their application-specific
-    directories, as returned by [`Context`](
-    https://developer.android.com/reference/android/content/Context.html) API
-    methods such as [`Context.getExternalFilesDirs()`](
-    https://developer.android.com/reference/android/content/Context.html#getExternalFilesDirs%28java.lang.String%29),
-    [`Context.getExternalCacheDirs()`](
-    https://developer.android.com/reference/android/content/Context.html#getExternalCacheDirs%28%29),
-    [`Context.getExternalMediaDirs()`](
-    https://developer.android.com/reference/android/content/Context.html#getExternalMediaDirs%28%29),
-    and
-    [`Context.getObbDirs()`](https://developer.android.com/reference/android/content/Context.html#getObbDirs%28%29) methods.
-*   [C-0-7] MUST redact location metadata, such as GPS Exif tags, stored in
+*   [C-0-5] MUST redact location metadata, such as GPS Exif tags, stored in
     media files when those files are accessed through `MediaStore`, except when
     the calling app holds the `ACCESS_MEDIA_LOCATION` permission.
 
@@ -74,23 +56,6 @@
     storage.
 *   MAY share the storage space with the application private data.
 
-If device implementations include multiple shared storage paths (such
-as both an SD card slot and shared internal storage), they:
-
-*   [C-2-1] MUST allow only pre-installed and privileged Android
-    applications with the `WRITE_MEDIA_STORAGE` permission to write to the
-    secondary external storage, except when writing to their package-specific
-    directories or within the `URI` returned by firing the
-    `ACTION_OPEN_DOCUMENT_TREE` intent.
-*   [C-2-2] MUST require that the direct access associated with the
-    `android.permission.WRITE_MEDIA_STORAGE` permission is only given to
-    user-visible apps when the `android.permission.WRITE_EXTERNAL_STORAGE`
-    permission is also granted.
-*   [SR] STRONGLY RECOMMENDED that pre-installed and privileged Android
-    applications use public APIs such as `MediaStore` to interact with storage
-    devices, instead of relying on the direct access granted by
-    `android.permission.WRITE_MEDIA_STORAGE`.
-
 If device implementations have a USB port with USB peripheral mode support,
 they:
 

diff --git a/9_security-model/9_1_permissions.md b/9_security-model/9_1_permissions.md
index ebb1927..f96f187 100644
--- a/9_security-model/9_1_permissions.md
+++ b/9_security-model/9_1_permissions.md

@@ -83,9 +83,7 @@
 *   [C-0-11] Apps holding a `softRestricted` permission MUST get only limited
     access and MUST NOT gain full access until whitelisted as described in the
     SDK, where full and limited access is defined for each `softRestricted`
-    permission (for example, [`WRITE_EXTERNAL_STORAGE`](
-    https://developer.android.com/reference/android/Manifest.permission.html#WRITE_EXTERNAL_STORAGE)
-    and [`READ_EXTERNAL_STORAGE`](
+    permission (for example, [`READ_EXTERNAL_STORAGE`](
     https://developer.android.com/reference/android/Manifest.permission#READ_EXTERNAL_STORAGE)).
 
 If device implementations include a pre-installed app or wish to allow