Google is easing restrictions on access to the microSD card that were first introduced on KitKat. With the arrival of new Lollipop APIs, apps will again be able to write data to any folder on the microSD card, provided the user allows it.
On KitKat, apps can only write data to their own folders on the microSD card. This was intended as a security measure, as well as a way to prevent the “folder creep” that made a mess out of folders trees. But the limitation effectively crippled many apps that required “write access” across the folder tree, such as file explorers, music apps, or gallery apps. One of the best-known examples is File Explorer, whose developer Tod Liebeck went as far as to create an app (for rooted devices) that removed the limitation, so File Explorer could work as intended.
Now Google is backtracking on the limitation – in Lollipop, a new intent lets apps request access to folders from the microSD card, including folders belonging to different applications. The user can grant the app access to specific folders (say, just the Music folder for a media player app) or to the parent folder, which gives the app free access to everything on the card. This permission only needs to be granted once.
Here’s how Google engineer Jeff Sharkey describes this “richer access” in a Google Plus post:
We heard loud and clear that developers wanted richer access beyond these directories, so in Lollipop we added the new ACTION_OPEN_DOCUMENT_TREE intent. Apps can launch this intent to pick and return a directory from any supported DocumentProvider, including any of the shared storage supported by the device. Apps can then create, update, and delete files and directories anywhere under the picked tree without any additional user interaction. Just like the other document intents, apps can persist this access across reboots.
This gives apps broad, powerful access to manage files while still involving the user in the initial selection process. Users may choose to give your app access to a narrow directory like “My Vacation Photos,” or they could pick the top-level of an entire SD card; the choice is theirs.
It looks like Google has taken the – mostly negative – feedback to heart and made microSD folder access more flexible, while keeping the security measure in place for apps that have no business in modifying data across the microSD card. The responsibility of deciding what level of access an app is granted falls to the user, which isn’t ideal because it could lead to confusion, or at worst, exploitative behavior by shadier apps. But this compromise is still preferable to the lockdown from KitKat, which prevented many legitimate apps from working as intended.
Now we only need manufacturers to roll out Lollipop to their devices – check out our update roundup for what we know so far.