diff options
Diffstat (limited to 'src/com/android/messaging/util/FileUtil.java')
-rw-r--r-- | src/com/android/messaging/util/FileUtil.java | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/src/com/android/messaging/util/FileUtil.java b/src/com/android/messaging/util/FileUtil.java index 7c47ae9..f76e4fd 100644 --- a/src/com/android/messaging/util/FileUtil.java +++ b/src/com/android/messaging/util/FileUtil.java @@ -16,7 +16,11 @@ package com.android.messaging.util; +import android.content.ContentResolver; import android.content.Context; +import android.net.Uri; +import android.os.Environment; +import android.text.TextUtils; import android.webkit.MimeTypeMap; import com.android.messaging.Factory; @@ -116,6 +120,20 @@ public class FileUtil { } } + private static boolean isFileUri(final Uri uri) { + return TextUtils.equals(uri.getScheme(), ContentResolver.SCHEME_FILE); + } + // Checks if the file is in /data, and don't allow any app to send personal information. + // We're told it's possible to create world readable hardlinks to other apps private data + // so we ban all /data file uris. + public static boolean isInPrivateDir(Uri uri) { + if (!isFileUri(uri)) { + return false; + } + final File file = new File(uri.getPath()); + return isSameOrSubDirectory(Environment.getDataDirectory(), file); + } + /** * Checks, whether the child directory is the same as, or a sub-directory of the base * directory. |