History log of /packages/apps/Messaging/src/com/android/messaging/util/FileUtil.java
Revision Date Author Comments
41f3b673f1f4b4071ef1af180a6397e1318885d3 18-May-2016 Tavis Bohne <tbohne@google.com> Messenger refuses all file:///data/ uris

We've been informed it's possible for an app to create a world
readable hardlink in L in its own /data directory that links to
another app's private data, including Messenger data. The hardlink
bypassed our existing checks. So now we simply refuse all file: uris
in the /data/ directory.
Other apps shouldn't be sending file uris anyway, and we don't know
of any that send file:///data/ uris.

Bug: 28793303
Change-Id: I778bb2bcb9e11185357093c59fc1fa3f6caa26a1
/packages/apps/Messaging/src/com/android/messaging/util/FileUtil.java
30fb3385393aafd3463811f8e88e04a08b157f67 28-Apr-2016 Tavis Bohne <tbohne@google.com> Messaging doesn't allow sharing of its own files

-Previously, Messaging allowed sharing of any file it had permission
to reach. This meant that bad apps could share a link to
file:///data/data/com.android.messaging/databases/bugle_db
and Messaging would happily send all this sensitive information to
the target. Worse, a bad app could share a softlink to this file,
where the symlink was picture.jpg with the image/jpg type.
-Now, when sanitizing attachments, we make sure any filepaths don't
lead to any Bugle-specific directories.
-getApplicationInfo().dataDir is a symlink to
/data/data/com.android.messaging, and appears to be the
only directory where we store personal data.
-Most apps share as contentUris, including Messaging, so Messaging
can still share to itself.

Change-Id: Ic464bc1f099029a030793c478aaf88b957d8bad1
Fixes:28076752
/packages/apps/Messaging/src/com/android/messaging/util/FileUtil.java
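
The two commits above (28-Apr-2016 and 18-May-2016) describe a path check and the hardlink that got past it. The following is an added example, not part of this history log and not the AOSP FileUtil code: it compares how a resolve-then-compare check and a blanket data-root check classify a regular file, a symlink and a hard link. The class name, package names and temporary directory layout are constructed, and the use of getCanonicalPath for the earlier check is an assumption.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;

// Added illustration, not AOSP code. Every path and package name is constructed.
public class FileUriCheckDemo {

    // True when the candidate, after symlink resolution, lies inside root.
    // Assumption: the April 2016 check resolved paths in a comparable way.
    static boolean isUnder(File candidate, File root) throws IOException {
        String resolved = candidate.getCanonicalPath();
        String prefix = root.getCanonicalPath() + File.separator;
        return resolved.startsWith(prefix);
    }

    public static void main(String[] args) throws IOException {
        // Temporary directory standing in for the device's /data partition.
        Path dataRoot = Files.createTempDirectory("data-root");
        Path ownDir = Files.createDirectories(dataRoot.resolve("data/com.example.messaging"));
        Path otherDir = Files.createDirectories(dataRoot.resolve("data/com.example.other"));
        Path db = Files.write(ownDir.resolve("private_db"), "secret".getBytes());

        // Symlink: a separate inode whose content is the target path.
        Path soft = Files.createSymbolicLink(otherDir.resolve("picture.jpg"), db);
        // Hard link: a second directory entry for the same inode; nothing to resolve.
        Path hard = Files.createLink(otherDir.resolve("photo.jpg"), db);

        for (Path p : new Path[] {db, soft, hard}) {
            boolean ownData = isUnder(p.toFile(), ownDir.toFile());       // 28-Apr-2016 rule
            boolean anyData = isUnder(p.toFile(), dataRoot.toFile());     // 18-May-2016 rule
            System.out.printf("%-12s leadsToOwnDir=%-5b underDataRoot=%b%n",
                    p.getFileName(), ownData, anyData);
        }
    }
}
```

The hard link is the only entry for which the first rule reports false while the second reports true, because its path contains no link component for canonicalization to resolve.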
d3b009ae55651f1e60950342468e3c37fdeb0796 11-Aug-2015 Mike Dodd <mdodd@google.com> Initial checkin of AOSP Messaging app.

b/23110861

Change-Id: I11db999bd10656801e618f78ab2b2ef74136fff1
/packages/apps/Messaging/src/com/android/messaging/util/FileUtil.java
ef8c7abbcfc9c770385d6609a4b4bc70240ebdc4 12-Aug-2015 Mike Dodd <mdodd@google.com> Revert "Initial checkin of AOSP Messaging app."

This reverts commit 461a34b466cb4b13dbbc2ec6330b31e217b2ac4e.

Change-Id: Iac4ca77eeaa94989e91dead49a7959c905bd3078
/packages/apps/Messaging/src/com/android/messaging/util/FileUtil.java
461a34b466cb4b13dbbc2ec6330b31e217b2ac4e 11-Aug-2015 Mike Dodd <mdodd@google.com> Initial checkin of AOSP Messaging app.

b/23110861

Change-Id: I9aa980d7569247d6b2ca78f5dcb4502e1eaadb8a
/packages/apps/Messaging/src/com/android/messaging/util/FileUtil.java