Hi dear android developers!
When my installed on any android device it asked the following permission from the user.
I did not want anything from the user in my app, so I want to remove this permission from my app but I did not figure out the name of this permission in my android manifest.xml file. Please tells the name of this permission So I can remove it from my android manifest.xml file.
Thanks in advance...
READ_EXTERNAL_STORAGE is the permission. Butin general you should not request any permission you don't actually need. If you have extras in your manifest, remove all of them.
Of course to get that popup you needed to ask for permissions at runtime. So somewhere you probably are using it.
Related
I have a React Native Android app that is requesting the QUERY_ALL_PACKAGES inside android/app/build/intermediates/merged_manifests/release/AndroidManifest.xml, as well as several other places like, android/app/build/intermediates/bundle_manifest/release/bundle-manifest/AndroidManifest.xml
This permission is not requested/added to my android/app/src/main/AndroidManifest.xml.
I need to find out why this permission is required.
Since it is not present in my android/app/src/main/AndroidManifest.xml, I am assuming that is a permission required by one of the packages installed in my app.
How can I go about finding what package/dependency is requiring this permission?
Any help or guidance would be greatly appreciated.
You can see what packages are requesting what permissions in the manifest-merger-release-report.txt
In my case this was located inside:
android/app/build/outputs/logs/manifest-merger-release-report.txt
In Android 0, apps that want the capability of installing apk's must be specifically granted that permission by the user in the system settings. However, I havent been able to figure out how to get my app into the list of apps the user can pick from.
Can anyone point me in the right direction?
Thanks
Probably this blog post will help:
https://android-developers.googleblog.com/2017/08/making-it-safer-to-get-apps-on-android-o.html
To sum it up:
Need to declare the permission in your manifest <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES" />
Before install you should check if the permission is still granted (PackageManager.canRequestPackageInstalls()), if not you can request it again using
Intent intent = new Intent(Settings.ACTION_MANAGE_UNKNOWN_APP_SOURCES);
intent.setData(Uri.parse("package:YOURPACKAGENAME"));
I'm testing my app on an emulator. I have an export function where I create and write to a file in the external storage's downloads directory. And I also have an import function where I read a file from the external storage's downloads directory.
From Android documentation:
If the device is running Android 5.1 or lower, or your app's target SDK is 22 or lower: If you list a dangerous permission in your manifest, the user has to grant the permission when they install the app; if they do not grant the permission, the system does not install the app at all.
If the device is running Android 6.0 or higher, and your app's target SDK is 23 or higher: The app has to list the permissions in the manifest, and it must request each dangerous permission it needs while the app is running. The user can grant or deny each permission, and the app can continue to run with limited capabilities even if the user denies a permission request.
My emulator is running on Android 6.0 and my app's target SDK is 25, therefore I must also request each dangerous permission it needs while the app is running. I did so for the export functionality and everything works properly. However, when I'm implementing the import function I didn't request a permission during runtime. And the strange thing is I'm still able to read from my external storage's permission without READ_EXTERNAL_STORAGE being requested and granted at runtime. READ_EXTERNAL_STORAGE is a dangerous permission according to this Android documentation .
To verify, I made sure to disable permissions before I started using the feature and after it is completed, I verified again that the permission still wasn't granted. Although I'm happy with the behaviour since it's working without me requesting permission at runtime, but according to the documentations I don't believe this behaviour is expected. That's why I will like to know what's causing this and to figure out the problem before I publish any changes for the app.
Here's a code snippet of my manifest:
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
The code snippet where I pick a file to read:
Intent intent = new Intent(Intent.ACTION_GET_CONTENT);
intent.setType("text/*");
startActivityForResult(intent, GET_FILE_RESULT_CODE);
The code snippet where I read the file chosen from the code snippet above (exportFile is simply the URI from onActivityResult):
BufferedReader br;
try {
br = new BufferedReader(new InputStreamReader(context.getContentResolver().openInputStream(exportFile)));
String line;
// Skip first header line
br.readLine();
while ((line = br.readLine()) != null) {...}
Thanks!
There's a well explanation here,
READ_EXTERNAL_STORAGE
Provides protected read access to external storage. In Android 4.1 by
default all applications still have read access. This will be changed
in a future release to require that applications explicitly request
read access using this permission. If your application already
requests write access, it will automatically get read access as well.
There is a new developer option to turn on read access restriction,
for developers to test their applications against how Android will
behave in the future.
In short, READ_EXTERNAL_STORAGE only exists as of Jelly Bean (Level 16). So, unless you're using a Jelly Bean phone and set the developer option "Protect USB storage" it won't be a problem.
You know,Android Runtime Permissions are grouped, since you applied for WRITE_EXTERNAL_STORAGE permission in the manifest already, so there's no need to apply for READ_EXTERNAL_STORAGE permissions.Both of them are the same group.
I'm trying to add a new permission in the android permission system. What I've found out till now is that the android manifest is in this directory : https://android.googlesource.com/platform/frameworks/base/+/master/packages/SystemUI/AndroidManifest.xml but the sms permissions are not included.
My question is if it feasible to create a new permission by merging the read and write permissions of sms or by modifying the code of the read permission of SMS. If it is feasible how it's done,where the code of the permissions resides and in which file those permissions are.
I have no experience with modifying roms,any help will be greatly appreciated.
While developing a Launcher (Homescreen) application for Android, I've come into a security exception I don't understand.
When calling the
[bindAppWidgetId()][1] method from
within my Launcher Activity, I get
this security exception :
08-19 11:30:11.689: ERROR/AndroidRuntime(6032): java.lang.SecurityException: bindGagetId appWidgetId=99 provider=ComponentInfo{com.android.music/com.android.music.MediaAppWidgetProvider}: User 10034 does not have android.permission.BIND_APPWIDGET.
I first thought I had forgotten the BIND_APPWIDGET permission in my manifest, but it is definitely there.
The android api documentation states this :
"You need the APPWIDGET_LIST
permission. This method is to be used
by the AppWidget picker."
I tried to add the permission android.permission.APPWIDGET_LIST, but it doesn't solve the issue.
Also, I've looked at the manifest of the Settings application from the android sources that contains the AppWidgetPickActivity code : there's a special line that asks to share user id :
"android:sharedUserId="android.uid.system"
Could it be related to my problem ?
If anyone has an idea that would be great !
Cheers,
Laurent
I've found an answer!
BindAppWidgetId() is deliberately not available to applications! (security problems).
"The android.permission.BIND_APPWIDGET
permission is a system permission. You
can only get that permission if your
package is installed as a system
package (installed in /system/app in
stead of /data/app) or sign you app
with a certificate that's the same as
your android image. So basicly this
means you can only use this permission
if you are also the creator of the
android image on your platform/phone."
Here are the links to this information :
http://groups.google.com/group/android-developers/browse_thread/thread/231245ba6d1e690f/047b9d3f776d7e54?lnk=gst&q=bindAppWidgetId#047b9d3f776d7e54
http://groups.google.com/group/android-developers/browse_thread/thread/f24e0f484a79d529/ef84188e8533a125?lnk=gst&q=bindAppWidgetId#ef84188e8533a125
A quick Google search reveals that android.permission.APPWIDGET_LIST is a usable permission, even though it's not listed in the API docs.