diff options
author | Dominik Schürmann <dominik@dominikschuermann.de> | 2015-11-19 18:35:19 +0100 |
---|---|---|
committer | Dominik Schürmann <dominik@dominikschuermann.de> | 2015-11-19 18:35:19 +0100 |
commit | 2315827635f39cc876dec9ffb238227b8595e404 (patch) | |
tree | 72eabb9d313559c836ce11c3d72e5132381da46b /OpenKeychain/src | |
parent | 562c0546c6e89f0720ab8ec88194be4357afb134 (diff) | |
download | open-keychain-2315827635f39cc876dec9ffb238227b8595e404.tar.gz open-keychain-2315827635f39cc876dec9ffb238227b8595e404.tar.bz2 open-keychain-2315827635f39cc876dec9ffb238227b8595e404.zip |
FileHelperLollipop: Check by comparing UID instead of checking files read permissions. This fixes sharing of file uris from sdcard
Diffstat (limited to 'OpenKeychain/src')
-rw-r--r-- | OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/FileHelperLollipop.java | 18 |
1 files changed, 4 insertions, 14 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/FileHelperLollipop.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/FileHelperLollipop.java index ab2841ed5..131f9296e 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/FileHelperLollipop.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/FileHelperLollipop.java @@ -17,7 +17,6 @@ package org.sufficientlysecure.keychain.util; - import java.io.File; import java.io.FileNotFoundException; import java.io.IOException; @@ -27,7 +26,6 @@ import android.annotation.TargetApi; import android.content.ContentResolver; import android.content.res.AssetFileDescriptor; import android.net.Uri; -import android.os.Build; import android.os.Build.VERSION_CODES; import android.os.ParcelFileDescriptor; import android.system.ErrnoException; @@ -36,10 +34,8 @@ import android.system.StructStat; import org.sufficientlysecure.keychain.Constants; -import static android.system.OsConstants.S_IROTH; - - -/** FileHelper methods which use Lollipop-exclusive API. +/** + * FileHelper methods which use Lollipop-exclusive API. * Some of the methods and static fields used here cause VerifyErrors because * they do not exist in pre-lollipop API, so they must be kept in a * lollipop-only class. All methods here should only be called by FileHelper, @@ -47,12 +43,6 @@ import static android.system.OsConstants.S_IROTH; */ @TargetApi(VERSION_CODES.LOLLIPOP) class FileHelperLollipop { - /** - * Tests whether a file is readable by others - */ - private static boolean S_IROTH(int mode) { - return (mode & S_IROTH) == S_IROTH; - } /** * A replacement for ContentResolver.openInputStream() that does not allow the usage of @@ -76,8 +66,8 @@ class FileHelperLollipop { try { final StructStat st = Os.fstat(pfd.getFileDescriptor()); - if (!S_IROTH(st.st_mode)) { - Log.e(Constants.TAG, "File is not readable by others, aborting!"); + if (st.st_uid == android.os.Process.myUid()) { + Log.e(Constants.TAG, "File is owned by the application itself, aborting!"); throw new FileNotFoundException("Unable to create stream"); } } catch (ErrnoException e) { |