Getting a Permission Denial when querying my own ContentProvider from my own App

Question

In one of my apps, I'm using a ContentProvider to save and restore information. This ContentProvider is used by the main application, as well as a couple of services, but all of them are in the same apk, and all the services live in the default (main) process.

My content provider is declared like this in my manifest :

    <provider android:name="sample.provider.SampleProvider"
              android:authorities="sample.provider"
              android:exported="false"
              android:enabled="true">
    </provider>

One of my classes is registered as an observer on a URI, and when a change is notified, I'm querying the provider directly to update the internal value.

@Override
public void onChange(boolean selfChange, @Nullable Uri uri) {
    if (uri == null) {
        return;
    }
    try {
        Cursor updated = mContentResolver.query(uri, null, null, null, null);
        // ... working with the cursor here
    } catch (Exception e) {
        e.printStackTrace();
    }
}

This code always failes, with the following exception

java.lang.SecurityException: Permission Denial: reading sample.provider.SampleProvider uri 
    content://sample.provider/infos/FOO from pid=0, uid=1000 requires the provider be 
    exported, or grantUriPermission()
      at android.content.ContentProvider.enforceReadPermissionInner(ContentProvider.java:605)
      at android.content.ContentProvider$Transport.enforceReadPermission(ContentProvider.java:480)
      at android.content.ContentProvider$Transport.query(ContentProvider.java:211)
      at android.content.ContentResolver.query(ContentResolver.java:491)
      at android.content.ContentResolver.query(ContentResolver.java:434)
      at sample.foo.Bar.onChange(Bar.java:331)
      at android.database.ContentObserver.onChange(ContentObserver.java:145)
      at android.database.ContentObserver.dispatchChange(ContentObserver.java:196)
      at android.database.ContentObserver.-wrap0(ContentObserver.java)
      at android.database.ContentObserver$Transport.onChange(ContentObserver.java:231)
      at android.database.IContentObserver$Stub.onTransact(IContentObserver.java:62)
      at android.os.Binder.execTransact(Binder.java:453)

Note that when I use exported="true" in the manifest, everything works fine

Answer 1

After investigating this issue, I discovered that my observer was called from another application (my guess is, it's the OS directly cally my observer), meaning that when I do the query I'm not in the context of my own app, even if it's my own code being run.

I fixed this issue by creating a handler in my object, and sending a message when I detect a change on the observed URI