Prevent exfiltration of system files via avatar picker.
This adds mitigations to prevent system files being exfiltrated
via the settings content provider when a content URI is provided
as a chosen user image.
The mitigations are:
1) Copy the image to a new URI rather than the existing takePictureUri
prior to cropping.
2) Only allow a system handler to respond to the CROP intent.
Bug: 187702830
Test: atest AvatarPhotoControllerTest
Change-Id: Idf1ab60878d619ee30505d71e8afe31d8b0c0ebe
2 files changed