Google Git
Sign in
android / platform / packages / apps / UnifiedEmail / 0d9dfd649bae9c181e3afc5d571903f1eb5dc46f
commit0d9dfd649bae9c181e3afc5d571903f1eb5dc46f[log] [tgz]
authorRégis Décamps <regisd@google.com>Tue Feb 23 16:16:54 2016 +0100
committerThe Android Automerger <android-build@google.com>Fri Feb 26 14:34:05 2016 -0800
tree5fa360968d3e6dd0cd2de5f04d70875532e028bf
parentd7917089078210e30e5136822e63f530c9e66268 [diff]
Don't allow file attachment from file:///data.

Commit 24ed2941ab132e4156bd38f0ab734c81dae8fc2e allows file://
attachment on the /data directory if they are from the same process.

This was done to work around applications that shared their internal
data file. However, this is bad practice, and other apps should share
content:// Uri instead.

With this change, Email doesn't allow this anymore. This fixes
security issue 199888.

Also, add Analytics for these errors
compose_errors > send_intent_attachment > data_dir

https://code.google.com/p/android/issues/detail?id=199888
b/26989185
Change-Id: I7cae3389f4f7cf5f86600a58c6ccdffaf889d1c3
1 file changed
tree: 5fa360968d3e6dd0cd2de5f04d70875532e028bf
  1. assets/
  2. res/
  3. src/
  4. tests/
  5. unified_src/
  6. Android.mk
  7. AndroidManifest.xml
  8. CleanSpec.mk
  9. proguard-test.flags
  10. proguard.flags