Content provider does not require permission

Content provider does not require permission

Content providers are exported by default and any application on the system can potentially use them to read and write data. If the content provider provides access to sensitive data, it should be protected by specifying export=false in the manifest or by protecting it with a permission that can be granted to other applications.

Issue id: ExportedContentProvider

https://goo.gle/ExportedContentProvider