summaryrefslogtreecommitdiffstats
path: root/src/com/android/messaging/util/FileUtil.java
diff options
context:
space:
mode:
Diffstat (limited to 'src/com/android/messaging/util/FileUtil.java')
-rw-r--r--src/com/android/messaging/util/FileUtil.java18
1 files changed, 18 insertions, 0 deletions
diff --git a/src/com/android/messaging/util/FileUtil.java b/src/com/android/messaging/util/FileUtil.java
index 7c47ae9..f76e4fd 100644
--- a/src/com/android/messaging/util/FileUtil.java
+++ b/src/com/android/messaging/util/FileUtil.java
@@ -16,7 +16,11 @@
package com.android.messaging.util;
+import android.content.ContentResolver;
import android.content.Context;
+import android.net.Uri;
+import android.os.Environment;
+import android.text.TextUtils;
import android.webkit.MimeTypeMap;
import com.android.messaging.Factory;
@@ -116,6 +120,20 @@ public class FileUtil {
}
}
+ private static boolean isFileUri(final Uri uri) {
+ return TextUtils.equals(uri.getScheme(), ContentResolver.SCHEME_FILE);
+ }
+ // Checks if the file is in /data, and don't allow any app to send personal information.
+ // We're told it's possible to create world readable hardlinks to other apps private data
+ // so we ban all /data file uris.
+ public static boolean isInPrivateDir(Uri uri) {
+ if (!isFileUri(uri)) {
+ return false;
+ }
+ final File file = new File(uri.getPath());
+ return isSameOrSubDirectory(Environment.getDataDirectory(), file);
+ }
+
/**
* Checks, whether the child directory is the same as, or a sub-directory of the base
* directory.
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-19 10:49:57 +0000