From 25aabb9edeb9203e52758d307b8a94ec8c64d338 Mon Sep 17 00:00:00 2001
From: Jeff Sharkey
Date: Mon, 6 Jul 2015 09:46:08 -0700
Subject: [PATCH] Permission to view shared storage for all users.

Typical apps are restricted so they can only view shared storage belonging to the user they're running as. However, a handful of system components need access to shared storage across all users, such as DefaultContainerService and SystemUI. Since WRITE_MEDIA_STORAGE already offers this functionality by bypassing any FUSE emulation, reuse it to grant the "sdcard_rw" GID which is no longer handed out to third-party apps. Then we change the FUSE daemon to allow the "sdcard_rw" GID to see shared storage of all users.
Bug: 19995822
Change-Id: Id2fe846aefbf13fc050e9b00ddef120021e817f4
---
 sdcard/sdcard.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/sdcard/sdcard.c b/sdcard/sdcard.c
index 3cd5bc4c5..21986fccf 100644
--- a/sdcard/sdcard.c
+++ b/sdcard/sdcard.c
@@ -444,7 +444,16 @@ static void derive_permissions_locked(struct fuse* fuse, struct node *parent,
 /* Legacy internal layout places users at top level */
 node->perm = PERM_ROOT;
 node->userid = strtoul(node->name, NULL, 10);
- node->gid = multiuser_get_uid(node->userid, fuse->gid);
+ if (fuse->gid == AID_SDCARD_RW) {
+ /* As an optimization, certain trusted system components only run
+ * as owner but operate across all users. Since we're now handing
+ * out the sdcard_rw GID only to trusted apps, we're okay relaxing
+ * the user boundary enforcement for the default view. The UIDs
+ * assigned to app directories are still multiuser aware. */
+ node->gid = fuse->gid;
+ } else {
+ node->gid = multiuser_get_uid(node->userid, fuse->gid);
+ }
 node->mode = 0771;
 break;
 case PERM_ROOT:
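Review bot: The new `fuse->gid == AID_SDCARD_RW` branch keys the cross-user relaxation on the mount's GID alone, so isolation of these top-level user directories now rests entirely on who is granted `sdcard_rw`, a policy decided outside this file; the comment's "only run as owner" is not something this code checks. Because the next line keeps `node->mode = 0771`, the shared GID gets group rwx rather than the read-only "view" the subject suggests, though whether writes actually succeed depends on access checks elsewhere in the daemon that this hunk does not show. I would replace "As an optimization" with a statement of the invariant, e.g. `/* SECURITY: sdcard_rw bypasses per-user isolation here (group rwx via 0771); it must only ever be granted to trusted system components (WRITE_MEDIA_STORAGE holders). */`. `derive_permissions_locked` starts and continues outside the hunk.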