add initial storage access documentation

Daniel Micay 2022-07-13 01:33:22 -04:00
parent 275fe8bb90
commit 16d0eda0a6
2 changed files with 73 additions and 0 deletions


@ -106,6 +106,7 @@
<li><a href="#sandboxed-google-play">Sandboxed Google Play</a></li>
<li><a href="#network-permission-toggle">Network permission toggle</a></li>
<li><a href="#sensors-permission-toggle">Sensors permission toggle</a></li>
<li><a href="#storage-scopes">Storage Scopes</a></li>
<li><a href="#broad-carrier-support">Broad carrier support without invasive carrier access</a></li>
<li><a href="#lte-only-mode">LTE-only mode</a></li>
<li><a href="#wifi-privacy">Wi-Fi privacy</a></li>
@ -471,6 +472,21 @@
default.</p>
</section>
<section id="storage-scopes">
<h3><a href="#storage-scopes">Storage Scopes</a></h3>
<p>GrapheneOS provides Storage Scopes as a fully compatible alternative to the
standard Android storage permissions. Instead of granting storage permissions,
users can enable Storage Scopes to grant the requested permissions in a highly
restricted mode where the app can create files/directories in the user's home
directory but can only access the files it has created itself. Users can then
optionally add files and directories as storage scopes to permit the app to
access files created by other apps.</p>
<p>For more details, see the <a href="/usage#storage-access">usage guide
section on storage access</a>.</p>
</section>
<section id="broad-carrier-support">
<h3><a href="#broad-carrier-support">Broad carrier support without invasive carrier access</a></h3>
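
Review bot: The new storage-scopes paragraph claims a "fully compatible alternative" but never says what the app observes when Storage Scopes is enabled in place of the permission; "grant the requested permissions in a highly restricted mode" leaves open whether the app sees the permission as granted. One sentence stating that would make the compatibility claim concrete. The same paragraph is added verbatim to the usage guide in this commit, so consider keeping a one-sentence summary here and leaving the detail behind the /usage#storage-access link so the two copies cannot drift. "Home directory" is also used here without the "(external storage)" gloss the usage section gives it.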


@ -64,6 +64,7 @@
<li><a href="#3-button-navigation">3-button navigation</a></li>
</ul>
</li>
<li><a href="#storage-access">Storage access</a></li>
<li><a href="#accessibility">Accessibility</a></li>
<li><a href="#auditor">Auditor</a></li>
<li>
@ -220,6 +221,62 @@
</section>
</section>
<section id="storage-access">
<h2><a href="#storage-access">Storage access</a></h2>
<p>GrapheneOS inherits the same baseline approach to storage access as modern
Android and extends it with our Storage Scopes feature as a fully compatible
alternative to the standard Android storage permissions. This section provides a
brief high level overview of the standard approach to storage access primarily to
provide context for explaining Storage Scopes.</p>
<p>By default, Android apps can only access their own sandboxed storage (internal
storage) and their own scoped directory within the <code>Android/data</code>
directory in the user's home directory (external storage).</p>
<p>Android apps can open the system file picker interface to have the user store
or load one or more files/directories on their behalf. Using this approach gives
the user control over where files are stored in their home directory and which
files/directories can be used by the app. This is based on the Storage Access
Framework (SAF) introduced in Android 4.4. SAF allows the user to grant access to
the files/directories in their home directory, external drives and also app-based
storage providers such as network shares, cloud storage, an encrypted volume, an
external drive with a filesystem the OS doesn't support for external drives, etc.
This is the only way to use those app-based storage providers and modern Android
has removed the legacy approach for accessing external drives.</p>
<p>The more traditional approach to accessing files outside of the app's storage
directories is requesting storage permissions to obtain broad access to the user's
home directory. The traditional Storage permission toggle was renamed to Files and
Media for legacy apps and Media for modern apps. For legacy apps, it gives access
to most of the user's home directory other than certain special areas. For modern
apps, it only gives access to files created by the app and indexed media. Media is
indexed if it's in a directory scope without a file called <code>.nomedia</code>.
You can see the indexed media collections via the categories for Photos, etc. in
the system file manager. These aren't directories themselves but rather all of the
indexed media from all directories in the user's home directory. These are not the
same thing as the standard top-level directories for Pictures, etc.</p>
<p>Since the Storage permission became a limited Media permission for apps built
for modern Android, a separate "All files access" special access permission was
added for file management. As a special access permission, it can't be directly
requested via a dialog and is listed in a dedicated section rather than a toggle
with the other permissions. This gives full management access to nearly all of the
user's home directory.</p>
<p>The media management special access permission can be granted to apps with the
Files and Media / Media permission or All files access in order to grant further
access beyond the home directory to media on connected storage devices.</p>
<p>GrapheneOS provides Storage Scopes as a fully compatible alternative to the
standard Android storage permissions. Instead of granting storage permissions,
users can enable Storage Scopes to grant the requested permissions in a highly
restricted mode where the app can create files/directories in the user's home
directory but can only access the files it has created itself. Users can then
optionally add files and directories as storage scopes to permit the app to access
files created by other apps.</p>
</section>
<section id="accessibility">
<h2><a href="#accessibility">Accessibility</a></h2>
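
Review bot: In the Files and Media paragraph, "Media is indexed if it's in a directory scope without a file called .nomedia" uses "scope" in a sense unrelated to the storage scopes introduced at the end of the section, which will confuse readers; suggest "in a directory that doesn't contain a file called .nomedia", and say whether a .nomedia file in a parent directory also applies. The closing Storage Scopes paragraph is the features-page text verbatim; as usage documentation it should also say where the user enables Storage Scopes for an app and where scopes are added. In the media management paragraph, "apps with the Files and Media / Media permission or All files access" reads as a prerequisite, but the sentence does not state that explicitly.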