summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Enforce calling identity before clearing. am: 7c1af8c62c am: 47dcd095ea am: ↵Jeff Sharkey2016-09-161-0/+44
|\ | | | | | | | | | | | | | | 51033d49f6 am: 9bbd21ff0c Change-Id: I5f09670f0629addb5fa847799184716020234f35
| * Enforce calling identity before clearing. am: 7c1af8c62c am: 47dcd095eaJeff Sharkey2016-09-161-0/+44
| |\ | | | | | | | | | | | | | | | am: 51033d49f6 Change-Id: Ic319b5f1f9351a83a2fde49aedc99f996fda8ef5
| | * Enforce calling identity before clearing. am: 7c1af8c62cJeff Sharkey2016-09-161-0/+44
| | |\ | | | | | | | | | | | | | | | | | | | | am: 47dcd095ea Change-Id: I3a890711108cc4a0221b12b730a6c56b85c8a5f1
| | | * Enforce calling identity before clearing.Jeff Sharkey2016-09-161-0/+44
| | | |\ | | | | | | | | | | | | | | | | | | | | | | | | | am: 7c1af8c62c Change-Id: Id435bda5c939ab48c3e1fb69f13292a4740828d4
| | | | * Enforce calling identity before clearing.Jeff Sharkey2016-09-161-0/+44
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When opening a downloaded file, enforce that the caller can actually see the requested download before clearing their identity to read internal columns. However, this means that we can no longer return the "my_downloads" paths: if those Uris were shared beyond the app that requested the download, access would be denied. Instead, we need to switch to using "all_downloads" Uris so that permission grants can be issued to third-party viewer apps. Since an app requesting a download doesn't normally have permission to "all_downloads" paths, we issue narrow grants toward the owner of each download, both at device boot and when new downloads are started. Bug: 30537115, 30945409 Change-Id: If944aada020878a91c363963728d0da9f6fae3ea
* | | | | Revert "Enforce calling identity before clearing." am: b440ceb00f am: ↵Adam Seaton2016-08-261-13/+0
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 6777320335 am: a474af3a08 am: 8bec536bf2 Change-Id: I81ea34a6f1cdaa438af6397651d7374628d44eff
| * | | | Revert "Enforce calling identity before clearing." am: b440ceb00f am: 6777320335Adam Seaton2016-08-261-13/+0
| |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | am: a474af3a08 Change-Id: I133dc7915c5dfd0e2d70ece76c008c7b282f0bcb
| | * | | Revert "Enforce calling identity before clearing." am: b440ceb00fAdam Seaton2016-08-261-13/+0
| | |\| | | | | | | | | | | | | | | | | | | | | | | | | | | am: 6777320335 Change-Id: Ic4a822eadde869658a80e67cd1d06a0a45c3767c
| | | * | Revert "Enforce calling identity before clearing."Adam Seaton2016-08-261-13/+0
| | | |\| | | | | | | | | | | | | | | | | | | | | | | | | | am: b440ceb00f Change-Id: If9feec471d71fbfa05a4cf9a8633142c724b6da3
| | | | * Revert "Enforce calling identity before clearing."Adam Seaton2016-08-261-13/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 8be3a92eb0b4105a9ed748be5a937ce79145f565. Change-Id: I10401d57239b868f8e3514f81a0e20486838e29c
* | | | | Enforce calling identity before clearing. am: 8be3a92eb0 am: ec19fe6485 am: ↵Jeff Sharkey2016-08-091-0/+13
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | b3ce7976f2 am: 860239d87e Change-Id: Ic62206ad61c81da00eb57679211c140ce7053032
| * | | | Enforce calling identity before clearing. am: 8be3a92eb0 am: ec19fe6485Jeff Sharkey2016-08-091-0/+13
| |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | am: b3ce7976f2 Change-Id: I539882f08289cabaaf49326fb7973d98d0323de2
| | * | | Enforce calling identity before clearing. am: 8be3a92eb0Jeff Sharkey2016-08-091-0/+13
| | |\| | | | | | | | | | | | | | | | | | | | | | | | | | | am: ec19fe6485 Change-Id: Ib82ee386c9b72a35172a4a205a72aba5d3c3134e
| | | * | Enforce calling identity before clearing.Jeff Sharkey2016-08-091-0/+13
| | | |\| | | | | | | | | | | | | | | | | | | | | | | | | | am: 8be3a92eb0 Change-Id: I0b339abd106680e44a7e900e3eae514cf0f630c1
| | | | * Enforce calling identity before clearing.Jeff Sharkey2016-08-011-0/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When opening a downloaded file, enforce that the caller can actually see the requested download before clearing their identity to read internal columns. Bug: 30537115 Change-Id: I01bbad7997e5e908bfb19f5d576860a24f59f295
* | | | | DO NOT MERGE. Use resolved path when inserting and deleting.Jeff Sharkey2016-02-161-5/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This avoids a race condition where someone can change a symlink target after the security checks have passed. Bug: 26211054 Change-Id: I40ed6d2298e4b66b4f7a055e68d9820515adf351
* | | | | DO NOT MERGE. Use resolved path for both checking and opening. am: ↵Jeff Sharkey2016-01-210-0/+0
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 8a2e551874 am: e13f6fa9b6 am: 8e6c809370 -s ours am: 46a4c650bb am: 1aaf16b00e -s ours am: 47784d61cf am: ae7d56abe4 am: 224c8b5d4e -s ours * commit '224c8b5d4e15175c9632b25d8a4f3fecc81cc074': DO NOT MERGE. Use resolved path for both checking and opening.
| * | | | DO NOT MERGE. Use resolved path for both checking and opening. am: ↵Jeff Sharkey2016-01-210-0/+0
| |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 8a2e551874 am: e13f6fa9b6 am: 8e6c809370 -s ours am: 46a4c650bb am: 1aaf16b00e -s ours am: 47784d61cf am: ae7d56abe4 * commit 'ae7d56abe493e7896a24024d1cf0d16e55609e6e': DO NOT MERGE. Use resolved path for both checking and opening.
| | * | | DO NOT MERGE. Use resolved path for both checking and opening. am: ↵Jeff Sharkey2016-01-210-0/+0
| | |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 8a2e551874 am: e13f6fa9b6 am: 8e6c809370 -s ours am: 46a4c650bb am: 1aaf16b00e -s ours am: 47784d61cf * commit '47784d61cf756509e5002b0938af03ce009fd854': DO NOT MERGE. Use resolved path for both checking and opening.
| | | * | DO NOT MERGE. Use resolved path for both checking and opening. am: ↵Jeff Sharkey2016-01-210-0/+0
| | | |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 8a2e551874 am: e13f6fa9b6 am: 8e6c809370 -s ours am: 46a4c650bb am: 1aaf16b00e -s ours * commit '1aaf16b00e0bb62547686a742023648d2558f557': DO NOT MERGE. Use resolved path for both checking and opening.
| | | | * | DO NOT MERGE. Use resolved path for both checking and opening. am: ↵Jeff Sharkey2016-01-210-0/+0
| | | | |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 8a2e551874 am: e13f6fa9b6 am: 8e6c809370 -s ours am: 46a4c650bb * commit '46a4c650bbb2699612dd98cd627109db3334af71': DO NOT MERGE. Use resolved path for both checking and opening.
| | | | | * DO NOT MERGE. Use resolved path for both checking and opening. am: ↵Jeff Sharkey2016-01-210-0/+0
| | | | | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 8a2e551874 am: e13f6fa9b6 am: 8e6c809370 -s ours * commit '8e6c8093709b144e69efb8c6bff4be50729f3c25': DO NOT MERGE. Use resolved path for both checking and opening.
| | | | | | * DO NOT MERGE. Use resolved path for both checking and opening. am: 8a2e551874Jeff Sharkey2016-01-213-16/+70
| | | | | | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | am: e13f6fa9b6 * commit 'e13f6fa9b6aa1665d0af0df75e1b3a9f7d3d481d': DO NOT MERGE. Use resolved path for both checking and opening.
| | | | | | | * DO NOT MERGE. Use resolved path for both checking and opening.Jeff Sharkey2016-01-213-16/+70
| | | | | | | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | am: 8a2e551874 * commit '8a2e55187463fd4f8e9f6e80ae89c4e6dcb9b9f6': DO NOT MERGE. Use resolved path for both checking and opening.
| | | | | | | | * DO NOT MERGE. Use resolved path for both checking and opening.Jeff Sharkey2016-01-213-16/+70
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This avoids a race condition where someone can change a symlink target after the security checks have passed. Bug: 26211054 Change-Id: Ie3d2ff0be3f9590869302f0c2d6cdbca1377e7ce
* | | | | | | | | Revert "Use resolved path for both checking and opening." am: 6947a091f1 am: ↵Jeff Sharkey2016-01-150-0/+0
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | cd15221e33 am: 9f47480ba2 -s ours am: 9294cf83d9 am: e6235ebca3 am: 5a066c39a6 am: 78b21c54af am: 451e81a331 * commit '451e81a33193986f5de177e7a66393e8aba4134f': Revert "Use resolved path for both checking and opening."
| * | | | | | | | Revert "Use resolved path for both checking and opening." am: 6947a091f1 am: ↵Jeff Sharkey2016-01-150-0/+0
| |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | cd15221e33 am: 9f47480ba2 -s ours am: 9294cf83d9 am: e6235ebca3 am: 5a066c39a6 am: 78b21c54af * commit '78b21c54af58acd7acc40f1cd010a8cf8ed1d07b': Revert "Use resolved path for both checking and opening."
| | * | | | | | | Revert "Use resolved path for both checking and opening." am: 6947a091f1 am: ↵Jeff Sharkey2016-01-150-0/+0
| | |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | cd15221e33 am: 9f47480ba2 -s ours am: 9294cf83d9 am: e6235ebca3 am: 5a066c39a6 * commit '5a066c39a6149d155ba7b4a6aada49bf6bfe240a': Revert "Use resolved path for both checking and opening."
| | | * | | | | | Revert "Use resolved path for both checking and opening." am: 6947a091f1 am: ↵Jeff Sharkey2016-01-150-0/+0
| | | |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | cd15221e33 am: 9f47480ba2 -s ours am: 9294cf83d9 am: e6235ebca3 * commit 'e6235ebca3a939ccce6d0e93ce0902332ca7690d': Revert "Use resolved path for both checking and opening."
| | | | * | | | | Revert "Use resolved path for both checking and opening." am: 6947a091f1 am: ↵Jeff Sharkey2016-01-150-0/+0
| | | | |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | cd15221e33 am: 9f47480ba2 -s ours am: 9294cf83d9 * commit '9294cf83d93386caae1103ea9c969ff3e6e8f85d': Revert "Use resolved path for both checking and opening."
| | | | | * | | | Revert "Use resolved path for both checking and opening." am: 6947a091f1 am: ↵Jeff Sharkey2016-01-150-0/+0
| | | | | |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | cd15221e33 am: 9f47480ba2 -s ours * commit '9f47480ba25b08c4e16506e9de21f11e79d4d06d': Revert "Use resolved path for both checking and opening."
| | | | | | * | | Revert "Use resolved path for both checking and opening." am: 6947a091f1Jeff Sharkey2016-01-152-62/+12
| | | | | | |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | am: cd15221e33 * commit 'cd15221e332ec8beca4870099de41dde6f5a3213': Revert "Use resolved path for both checking and opening."
| | | | | | | * | Revert "Use resolved path for both checking and opening."Jeff Sharkey2016-01-152-62/+12
| | | | | | | |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | am: 6947a091f1 * commit '6947a091f1d9d2b62f5d4a6429df2679ffe5434b': Revert "Use resolved path for both checking and opening."
| | | | | | | | * Revert "Use resolved path for both checking and opening."Jeff Sharkey2016-01-152-62/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 5accb135178325878840c6e36fc3e640ae582dea. Change-Id: I5ec1719b28feafb5b0850ec7c17cf23571ab0bba
* | | | | | | | | Use resolved path for both checking and opening. am: 5accb13517 am: ↵Jeff Sharkey2016-01-150-0/+0
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 3784acf34c am: 721a135472 -s ours am: fcbe3a53fa am: da4797f794 am: 9ee6a555cf am: ecd0dab75b am: 6c54c8fc53 * commit '6c54c8fc534d11c25010e02f2000289a5faa62f2': Use resolved path for both checking and opening.
| * | | | | | | | Use resolved path for both checking and opening. am: 5accb13517 am: ↵Jeff Sharkey2016-01-150-0/+0
| |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 3784acf34c am: 721a135472 -s ours am: fcbe3a53fa am: da4797f794 am: 9ee6a555cf am: ecd0dab75b * commit 'ecd0dab75b2ec0cc7ee1387b5e3b404ce6c4b898': Use resolved path for both checking and opening.
| | * | | | | | | Use resolved path for both checking and opening. am: 5accb13517 am: ↵Jeff Sharkey2016-01-150-0/+0
| | |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 3784acf34c am: 721a135472 -s ours am: fcbe3a53fa am: da4797f794 am: 9ee6a555cf * commit '9ee6a555cf969fcd23d95dcc24ea0fe66f69a3f6': Use resolved path for both checking and opening.
| | | * | | | | | Use resolved path for both checking and opening. am: 5accb13517 am: ↵Jeff Sharkey2016-01-150-0/+0
| | | |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 3784acf34c am: 721a135472 -s ours am: fcbe3a53fa am: da4797f794 * commit 'da4797f794042c11fd18262f22e4f4e4df5f32c6': Use resolved path for both checking and opening.
| | | | * | | | | Use resolved path for both checking and opening. am: 5accb13517 am: ↵Jeff Sharkey2016-01-150-0/+0
| | | | |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 3784acf34c am: 721a135472 -s ours am: fcbe3a53fa * commit 'fcbe3a53fa23b4ed0368ecbd55a1c21b504aff09': Use resolved path for both checking and opening.
| | | | | * | | | Use resolved path for both checking and opening. am: 5accb13517 am: 3784acf34cJeff Sharkey2016-01-150-0/+0
| | | | | |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | am: 721a135472 -s ours * commit '721a13547271c7af1629268d5e3b5e6361555270': Use resolved path for both checking and opening.
| | | | | | * | | Use resolved path for both checking and opening. am: 5accb13517Jeff Sharkey2016-01-152-12/+62
| | | | | | |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | am: 3784acf34c * commit '3784acf34cce6aed448b3f3541b6734b79efb31d': Use resolved path for both checking and opening.
| | | | | | | * | Use resolved path for both checking and opening.Jeff Sharkey2016-01-152-12/+62
| | | | | | | |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | am: 5accb13517 * commit '5accb135178325878840c6e36fc3e640ae582dea': Use resolved path for both checking and opening.
| | | | | | | | * Use resolved path for both checking and opening.Jeff Sharkey2016-01-142-12/+62
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This avoids a race condition where someone can change a symlink target after the security checks have passed. Bug: 26211054 Change-Id: I5842aaecc7b7d417a3b1902957b59b8a1f3c1ccb
* | | | | | | | | Use resolved path for both checking and opening. am: 5c08fb8cbe am: ↵Jeff Sharkey2016-01-150-0/+0
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 5d406ad384 am: 9d3bd7d1ea am: 13fbee9d2e am: 40b85de66a * commit '40b85de66a592cd2eaf3cb3766416a54d34e41f2': Use resolved path for both checking and opening.
| * | | | | | | | Use resolved path for both checking and opening. am: 5c08fb8cbe am: ↵Jeff Sharkey2016-01-150-0/+0
| |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 5d406ad384 am: 9d3bd7d1ea am: 13fbee9d2e * commit '13fbee9d2e3421ba0750ad617adf75bd4f30334d': Use resolved path for both checking and opening.
| | * | | | | | | Use resolved path for both checking and opening. am: 5c08fb8cbe am: 5d406ad384Jeff Sharkey2016-01-150-0/+0
| | |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | am: 9d3bd7d1ea * commit '9d3bd7d1ea05f012609c47bd9410a5e9f66fe09e': Use resolved path for both checking and opening.
| | | * | | | | | Use resolved path for both checking and opening. am: 5c08fb8cbeJeff Sharkey2016-01-150-0/+0
| | | |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | am: 5d406ad384 * commit '5d406ad38446af78bc904d8141d2856a6a5a8dfd': Use resolved path for both checking and opening.
| | | | * | | | | Use resolved path for both checking and opening.Jeff Sharkey2016-01-152-3/+8
| | | | |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | am: 5c08fb8cbe * commit '5c08fb8cbeb045b9ce447443208e87f42604d168': Use resolved path for both checking and opening.
| | | | | * | | | Use resolved path for both checking and opening.Jeff Sharkey2016-01-142-3/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This avoids a race condition where someone can change a symlink target after the security checks have passed. Bug: 26211054 Change-Id: I5842aaecc7b7d417a3b1902957b59b8a1f3c1ccb
* | | | | | | | | Use resolved path for both checking and opening. am: bdc831357e am: 0e710ca30dJeff Sharkey2016-01-150-0/+0
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | am: c64ced184c -s ours * commit 'c64ced184cc4545303bdd13b8060f3111e256307': Use resolved path for both checking and opening.
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-26 13:51:11 +0000