diff --git a/app/src/main/java/eu/faircode/email/ActivitySignature.java b/app/src/main/java/eu/faircode/email/ActivitySignature.java
index 33d2a0ea2b..d5506381ba 100644
--- a/app/src/main/java/eu/faircode/email/ActivitySignature.java
+++ b/app/src/main/java/eu/faircode/email/ActivitySignature.java
@@ -398,6 +398,8 @@ public class ActivitySignature extends ActivityBase {
             NoStreamException.check(uri, this);
 
             getContentResolver().takePersistableUriPermission(uri, Intent.FLAG_GRANT_READ_URI_PERMISSION);
+            if (!Helper.isPersisted(this, uri, true, false))
+                throw new IllegalStateException("No permission granted to access selected image " + uri);
 
             int start = etText.getSelectionStart();
             if (etText.isRaw())
diff --git a/app/src/main/java/eu/faircode/email/FragmentAnswer.java b/app/src/main/java/eu/faircode/email/FragmentAnswer.java
index 1b4d538500..6605c1d229 100644
--- a/app/src/main/java/eu/faircode/email/FragmentAnswer.java
+++ b/app/src/main/java/eu/faircode/email/FragmentAnswer.java
@@ -551,6 +551,8 @@ public class FragmentAnswer extends FragmentBase {
             NoStreamException.check(uri, getContext());
 
             getContext().getContentResolver().takePersistableUriPermission(uri, Intent.FLAG_GRANT_READ_URI_PERMISSION);
+            if (!Helper.isPersisted(getContext(), uri, true, false))
+                throw new IllegalStateException("No permission granted to access selected image " + uri);
 
             int start = etText.getSelectionStart();
             SpannableStringBuilder ssb = new SpannableStringBuilderEx(etText.getText());
diff --git a/app/src/main/java/eu/faircode/email/FragmentOptionsNotifications.java b/app/src/main/java/eu/faircode/email/FragmentOptionsNotifications.java
index 9adca7ae86..7532caf5a5 100644
--- a/app/src/main/java/eu/faircode/email/FragmentOptionsNotifications.java
+++ b/app/src/main/java/eu/faircode/email/FragmentOptionsNotifications.java
@@ -797,6 +797,9 @@ public class FragmentOptionsNotifications extends FragmentBase implements Shared
             if ("content".equals(uri.getScheme())) {
                 try {
                     getContext().getContentResolver().takePersistableUriPermission(uri, Intent.FLAG_GRANT_READ_URI_PERMISSION);
+                    if (!Helper.isPersisted(getContext(), uri, true, false))
+                        Log.unexpectedError(getParentFragmentManager(),
+                                new IllegalStateException("No permission granted to access selected sound " + uri));
                 } catch (Throwable ex) {
                     Log.w(ex);
                 }
diff --git a/app/src/main/java/eu/faircode/email/FragmentOptionsSend.java b/app/src/main/java/eu/faircode/email/FragmentOptionsSend.java
index 3d36b134c4..c707cec362 100644
--- a/app/src/main/java/eu/faircode/email/FragmentOptionsSend.java
+++ b/app/src/main/java/eu/faircode/email/FragmentOptionsSend.java
@@ -817,6 +817,9 @@ public class FragmentOptionsSend extends FragmentBase implements SharedPreferenc
             if ("content".equals(uri.getScheme())) {
                 try {
                     getContext().getContentResolver().takePersistableUriPermission(uri, Intent.FLAG_GRANT_READ_URI_PERMISSION);
+                    if (!Helper.isPersisted(getContext(), uri, true, false))
+                        Log.unexpectedError(getParentFragmentManager(),
+                                new IllegalStateException("No permission granted to access selected sound " + uri));
                 } catch (Throwable ex) {
                     Log.w(ex);
                 }
diff --git a/app/src/main/java/eu/faircode/email/Helper.java b/app/src/main/java/eu/faircode/email/Helper.java
index 133585b323..994c7db0a8 100644
--- a/app/src/main/java/eu/faircode/email/Helper.java
+++ b/app/src/main/java/eu/faircode/email/Helper.java
@@ -41,6 +41,7 @@ import android.content.Context;
 import android.content.DialogInterface;
 import android.content.Intent;
 import android.content.SharedPreferences;
+import android.content.UriPermission;
 import android.content.pm.ApplicationInfo;
 import android.content.pm.PackageInfo;
 import android.content.pm.PackageManager;
@@ -2611,6 +2612,23 @@ public class Helper {
         return (Looper.myLooper() == Looper.getMainLooper());
     }
 
+    static boolean isPersisted(Context context, Uri uri, boolean read, boolean write) {
+        try {
+            List<UriPermission> uperms = context.getContentResolver().getPersistedUriPermissions();
+            for (UriPermission uperm : uperms)
+                if (uperm.getUri().equals(uri)) {
+                    boolean canRead = uperm.isReadPermission();
+                    boolean canWrite = uperm.isWritePermission();
+                    Log.i(uri + " read=" + read + "/" + canRead + " write=" + write + "/" + canWrite);
+                    return (!read || canRead) && (!write || canWrite);
+                }
+            return false;
+        } catch (Throwable ex) {
+            Log.e(ex);
+            return !BuildConfig.DEBUG;
+        }
+    }
+
     // Cryptography
 
     static String sha256(String data) throws NoSuchAlgorithmException {