From ed4c74983eb5aa1b8f5fd729a32504a69441efa2 Mon Sep 17 00:00:00 2001
From: ashley willis <ashleywillis76@gmail.com>
Date: Sun, 22 Apr 2012 19:39:35 -0500
Subject: [PATCH] fixed security issue -- account databases previously
 world-readable and accessible to any app if UUID is known.

---
 src/com/fsck/k9/mail/store/LockableDatabase.java | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/com/fsck/k9/mail/store/LockableDatabase.java b/src/com/fsck/k9/mail/store/LockableDatabase.java
index e39d56211..f30deeaf0 100644
--- a/src/com/fsck/k9/mail/store/LockableDatabase.java
+++ b/src/com/fsck/k9/mail/store/LockableDatabase.java
@@ -6,6 +6,7 @@ import java.util.concurrent.locks.ReadWriteLock;
 import java.util.concurrent.locks.ReentrantReadWriteLock;
 
 import android.app.Application;
+import android.content.Context;
 import android.database.sqlite.SQLiteDatabase;
 import android.database.sqlite.SQLiteException;
 import android.util.Log;
@@ -370,12 +371,12 @@ public class LockableDatabase {
         try {
             final File databaseFile = prepareStorage(mStorageProviderId);
             try {
-                mDb = SQLiteDatabase.openOrCreateDatabase(databaseFile, null);
+                mDb = application.openOrCreateDatabase(databaseFile.getPath(), Context.MODE_PRIVATE, null);
             } catch (SQLiteException e) {
                 // try to gracefully handle DB corruption - see issue 2537
                 Log.w(K9.LOG_TAG, "Unable to open DB " + databaseFile + " - removing file and retrying", e);
                 databaseFile.delete();
-                mDb = SQLiteDatabase.openOrCreateDatabase(databaseFile, null);
+                mDb = application.openOrCreateDatabase(databaseFile.getPath(), Context.MODE_PRIVATE, null);
             }
             if (mDb.getVersion() != mSchemaDefinition.getVersion()) {
                 mSchemaDefinition.doDbUpgrade(mDb);