Permissions

Overview:

The purpose of a permission is to protect the privacy of an Android user. Android apps must request permission to access sensitive user data (such as contacts and SMS), as well as certain system features (such as camera and internet). Depending on the feature, the system might grant the permission automatically or might prompt the user to approve the request.

An app must publicize the permissions it requires by including <uses-permission> tags in the app manifest. For example, an app that needs to send SMS messages would have this line in the manifest:

<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.snazzyapp">

    <uses-permission android:name="android.permission.SEND_SMS"/>

    <application ...>
        ...
    </application>
</manifest>

<uses-feature>:

  • Declares a single hardware or software feature that is used by the application. The purpose of a declaration is to inform any external entity of the set of hardware and software features on which your application depends. The element offers a required attribute that lets you specify whether your application requires and cannot function without the declared feature, or whether it prefers to have the feature but can function without it.
    <uses-permission android:name="android.permission.CAMERA" />
<uses-feature android:name="android.hardware.camera" android:required="false" />
<uses-feature android:name="android.hardware.camera.front" android:required="false" />

Protection levels of permissions in Android:

  1. Normal Permissions:
    • If there is a very little or no risk of the user privacy then the permission comes under the Normal Permission category. You can directly use this facility by adding permission in the AndroidManifest.xml file.
    • List:
      • ACCESS_LOCATION_EXTRA_COMMANDS
      • ACCESS_NETWORK_STATE
      • ACCESS_NOTIFICATION_POLICY
      • ACCESS_WIFI_STATE
      • BLUETOOTH
      • BLUETOOTH_ADMIN
      • BROADCAST_STICKY
      • CHANGE_NETWORK_STATE
      • CHANGE_WIFI_MULTICAST_STATE
      • CHANGE_WIFI_STATE
      • DISABLE_KEYGUARD
      • EXPAND_STATUS_BAR
      • GET_PACKAGE_SIZE
      • INSTALL_SHORTCUT
      • INTERNET
      • KILL_BACKGROUND_PROCESSES
      • MANAGE_OWN_CALLS
      • MODIFY_AUDIO_SETTINGS
      • NFC
      • READ_SYNC_SETTINGS
      • READ_SYNC_STATS
      • RECEIVE_BOOT_COMPLETED
      • REORDER_TASKS
      • REQUEST_COMPANION_RUN_IN_BACKGROUND
      • REQUEST_COMPANION_USE_DATA_IN_BACKGROUND
      • REQUEST_DELETE_PACKAGES
      • REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
      • REQUEST_INSTALL_PACKAGES
      • SET_ALARM
      • SET_WALLPAPER
      • SET_WALLPAPER_HINTS
      • TRANSMIT_IR
      • USE_FINGERPRINT
      • VIBRATE
      • WAKE_LOCK
      • WRITE_SYNC_SETTINGS
  1. Signature Permissions:
    • The android system grants these permissions at the installation time but there is one condition. The app that is asking for some permission must be signed with the same signature as that of the app that defines the required permission.
    • List:
      • BIND_ACCESSIBILITY_SERVICE
      • BIND_AUTOFILL_SERVICE
      • BIND_CARRIER_SERVICES
      • BIND_CHOOSER_TARGET_SERVICE
      • BIND_CONDITION_PROVIDER_SERVICE
      • BIND_DEVICE_ADMIN
      • BIND_DREAM_SERVICE
      • BIND_INCALL_SERVICE
      • BIND_INPUT_METHOD
      • BIND_MIDI_DEVICE_SERVICE
      • BIND_NFC_SERVICE
      • BIND_NOTIFICATION_LISTENER_SERVICE
      • BIND_PRINT_SERVICE
      • BIND_SCREENING_SERVICE
      • BIND_TELECOM_CONNECTION_SERVICE
      • BIND_TEXT_SERVICE
      • BIND_TV_INPUT
      • BIND_VISUAL_VOICEMAIL_SERVICE
      • BIND_VOICE_INTERACTION
      • BIND_VPN_SERVICE
      • BIND_VR_LISTENER_SERVICE
      • BIND_WALLPAPER
      • CLEAR_APP_CACHE
      • MANAGE_DOCUMENTS
      • READ_VOICEMAIL
      • REQUEST_INSTALL_PACKAGES
      • SYSTEM_ALERT_WINDOW
      • WRITE_SETTINGS
      • WRITE_VOICEMAIL
  1. Dangerous Permissions:
    • Include that permission that involve user data in some or the other way. To use Dangerous permissions, you have to explicitly ask for permission before using that by showing some alert dialog or any other dialog.
    • List:

      CALENDAR

      • READ_CALENDAR
      • WRITE_CALENDAR

      CAMERA

      • CAMERA

      CONTACTS

      • READ_CONTACTS
      • WRITE_CONTACTS
      • GET_ACCOUNTS

      LOCATION

      • ACCESS_FINE_LOCATION
      • ACCESS_COARSE_LOCATION

      MICROPHONE

      • RECORD_AUDIO

      PHONE

      • READ_PHONE_STATE
      • READ_PHONE_NUMBERS
      • CALL_PHONE
      • ANSWER_PHONE_CALLS (must request at runtime)
      • READ_CALL_LOG
      • WRITE_CALL_LOG
      • ADD_VOICEMAIL
      • USE_SIP
      • PROCESS_OUTGOING_CALLS
      • ANSWER_PHONE_CALLS

      SENSORS

      • BODY_SENSORS

      SMS

      • SEND_SMS
      • RECEIVE_SMS
      • READ_SMS
      • RECEIVE_WAP_PUSH
      • RECEIVE_MMS

      STORAGE

      • READ_EXTERNAL_STORAGE
      • WRITE_EXTERNAL_STORAGE

View an app's permissions:

You can view all the permissions currently defined in the system using the Settings app and the shell command adb shell pm list permissions. To use the Settings app, go to Settings > Apps. Pick an app and scroll down to see the permissions that the app uses. For developers, the adb '-s' option displays the permissions in a form similar to how the user sees them:

$ adb shell pm list permissions -s
All Permissions:

Network communication: view Wi-Fi state, create Bluetooth connections, full
internet access, view network state

Your location: access extra location provider commands, fine (GPS) location,
mock location sources for testing, coarse (network-based) location

Services that cost you money: send SMS messages, directly call phone numbers

...

You can also use the adb -g option to grant all permissions automatically when installing an app on an emulator or test device:

$ adb shell install -g MyApp.apk

Runtime Permissions:

https://youtu.be/C8lUdPVSzDk