|author||Jeff Sharkey <firstname.lastname@example.org>||2016-09-16 12:12:17 -0600|
|committer||Jessica Wagantall <email@example.com>||2016-11-15 16:23:04 -0800|
Enforce calling identity before clearing.
When opening a downloaded file, enforce that the caller can actually see the requested download before clearing their identity to read internal columns. However, this means that we can no longer return the "my_downloads" paths: if those Uris were shared beyond the app that requested the download, access would be denied. Instead, we need to switch to using "all_downloads" Uris so that permission grants can be issued to third-party viewer apps. Since an app requesting a download doesn't normally have permission to "all_downloads" paths, we issue narrow grants toward the owner of each download, both at device boot and when new downloads are started. CYNGNOS-3303 Bug: 30537115, 30945409 Change-Id: If944aada020878a91c363963728d0da9f6fae3ea (cherry picked from commit 7c1af8c62c8bdf6e8de5a00c1927daf9fd9c03d1)
Diffstat (limited to 'NOTICE')
0 files changed, 0 insertions, 0 deletions