Google Git
Sign in
android / platform / packages / apps / Messaging / 9de3ed279b308ff6209db2f74539494d60e81271^1..9de3ed279b308ff6209db2f74539494d60e81271 / .
commit9de3ed279b308ff6209db2f74539494d60e81271[log] [tgz]
authorTavis Bohne <tbohne@google.com>Wed Jun 08 16:46:44 2016 +0000
committerAndroid (Google) Code Review <android-gerrit@google.com>Wed Jun 08 16:46:45 2016 +0000
treeccf48c407eafde943c9d39f5a02ce8341f66ba36
parentf1210c127a4288aa53ec8dd3936a0077c63022eb [diff]
parent41f3b673f1f4b4071ef1af180a6397e1318885d3 [diff]
Merge "Messenger refuses all file:///data/ uris" into nyc-dev
diff --git a/src/com/android/messaging/ui/conversationlist/ShareIntentActivity.java b/src/com/android/messaging/ui/conversationlist/ShareIntentActivity.java
index 396f1da..83b7be9 100644
--- a/src/com/android/messaging/ui/conversationlist/ShareIntentActivity.java
+++ b/src/com/android/messaging/ui/conversationlist/ShareIntentActivity.java

@@ -159,7 +159,7 @@
     }
 
     private void addSharedImagePartToDraft(final String contentType, final Uri imageUri) {
-        if (FileUtil.isInPrivateDir(getBaseContext(), imageUri)) {
+        if (FileUtil.isInPrivateDir(imageUri)) {
             Assert.fail("Cannot send private file " + imageUri.toString());
         } else {
             mDraftMessage.addPart(PendingAttachmentData.createPendingAttachmentData(contentType,

diff --git a/src/com/android/messaging/util/FileUtil.java b/src/com/android/messaging/util/FileUtil.java
index f8051ed..e35e79b 100644
--- a/src/com/android/messaging/util/FileUtil.java
+++ b/src/com/android/messaging/util/FileUtil.java

@@ -19,6 +19,7 @@
 import android.content.ContentResolver;
 import android.content.Context;
 import android.net.Uri;
+import android.os.Environment;
 import android.text.TextUtils;
 import android.webkit.MimeTypeMap;
 
@@ -123,14 +124,15 @@
         return TextUtils.equals(uri.getScheme(), ContentResolver.SCHEME_FILE);
     }
 
-    // Checks if the file is in /data/data/com.android.messaging
-    // The other app folders are either symlinks to this, or hold non-private data like binaries.
-    public static boolean isInPrivateDir(Context context, Uri uri) {
+    // Checks if the file is in /data, and don't allow any app to send personal information.
+    // We're told it's possible to create world readable hardlinks to other apps private data
+    // so we ban all /data file uris.
+    public static boolean isInPrivateDir(Uri uri) {
         if (!isFileUri(uri)) {
             return false;
         }
         final File file = new File(uri.getPath());
-        return FileUtil.isSameOrSubDirectory(new File(context.getApplicationInfo().dataDir), file);
+        return FileUtil.isSameOrSubDirectory(Environment.getDataDirectory(), file);
     }
 
     /**