Basically, I searched through all the internet and found big, fat zero about that.
My app is using sms sending service and I need SMS_SEND permission. When I add it and run - Eclipse says that I have errors in my code AND antivirus alert that they blocked Android.Trojan.SMS_SEND.NR. I don't care about the latter - because it doesn't show up without SMS_SEND permission.
All I found is in Lint Error Checking:
"Looks for permissions that are only granted to system apps
Permissions with the protection level signature or signatureOrSystem are only granted to system apps. If an app is a regular non-system app, it will never be able to use these permissions."
BUT what matters the most - other app tha use that permission is fine. So what could happened? I need that service to be in that app.
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="com.mypackage.etc"
android:versionCode="1"
android:versionName="1.0">
<uses-sdk android:minSdkVersion="16" android:targetSdkVersion="19" />
<uses-permission android:name="android.permission.SEND_SMS" />
<application
android:label="#string/app_name"
android:icon="#drawable/ic_launcher"
android:theme="#style/AppTheme">
<activity
android:name=".MainActivity"
android:label="#string/app_name">
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
</activity>
</application>
Your Android AV Software (F-Secure?) is blocking the code probably based on heuristics or signature. As most if not all Android AV Software is worthless I'd remove that first. Assuming you are not using a rooted device it must simply be picking this up from a manifest scan or some use of the Package Manager.
The "signature or signatureOrSystem" is not applicable to the SEND_SMS permission and whilst you may find a use for using the signature permission cross (identically signed) applications, it is unlikely you are using this.
Please show us your manifest.
Related
All:
I got one of those Android Privacy Policy notifications for an Android watch face I wrote. I wrote it in Android Studio, and it has the following permissions:
android.permission.ACCESS_NETWORK_STATE
android.permission.GET_ACCOUNTS
android.permission.INTERNET
android.permission.READ_EXTERNAL_STORAGE
android.permission.USE_CREDENTIALS
android.permission.WAKE_LOCK
android.permission.WRITE_EXTERNAL_STORAGE
com.google.android.c2dm.permission.RECEIVE
I really don't need all of those. I really think I only need the WAKE_LOCK and I think one other one. It shouldn't use any sort of writing, accessing networks, or any of that other stuff.
But the odd thing is, I can't find anywhere in my app where these permissions are located. This is my Wear manifest:
<?xml version="1.0" encoding="utf-8"?>
<uses-feature android:name="android.hardware.type.watch" />
<!-- Required to act as a custom watch face. -->
<uses-permission android:name="com.google.android.permission.PROVIDE_BACKGROUND" />
<uses-permission android:name="android.permission.WAKE_LOCK" />
<application
android:allowBackup="true"
android:icon="#mipmap/ic_launcher"
android:label="#string/app_name"
android:theme="#android:style/Theme.DeviceDefault" >
<service
android:name=".MorseWatchFace"
android:label="#string/my_digital_name"
android:permission="android.permission.BIND_WALLPAPER" >
<meta-data
android:name="android.service.wallpaper"
android:resource="#xml/watch_face" />
<meta-data
android:name="com.google.android.wearable.watchface.preview"
android:resource="#drawable/preview_digital" />
<meta-data
android:name="com.google.android.wearable.watchface.preview_circular"
android:resource="#drawable/preview_digital_circular" />
<intent-filter>
<action android:name="android.service.wallpaper.WallpaperService" />
<category android:name="com.google.android.wearable.watchface.category.WATCH_FACE" />
</intent-filter>
</service>
<meta-data
android:name="com.google.android.gms.version"
android:value="#integer/google_play_services_version" />
</application>
And this is my Mobile manifest:
<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="monte.morsewatch">
<application android:allowBackup="true" android:label="#string/app_name"
android:icon="#mipmap/ic_launcher" android:theme="#style/AppTheme">
</application>
I know I'm missing something. The email said I had until January 30th to fix it, but I am unsure what I need to change to fix it.
Any help greatly appreciated.
Based from this documentation, the user must now grant permissions to Wear apps separately from the handset versions of the apps. Previously, when a user installed a Wear app, it automatically inherited the set of permissions that the user had granted to the handset version of the app. To declare that your app needs a permission, you're right in putting a <uses-permission> element in your app manifest, as a child of the top-level <manifest> element.
This SO thread might also help on how to remove unwanted permissions in your app.
The extra permissions are probably being added by some part of Google
Play Services - and which probably doesn't need them for what you're
doing.
Solution #1 is to only use the pieces of Google Play Services that you
actually need. In your Wear module's build.gradle file, you might
have an entry that looks like this:
dependencies {
compile com.google.android.gms:play-service:8.4.0
}
However, that will bring in the entire Play Services library -
which requires a number of extra permissions. It might well be that
all you need is this:
compile com.google.android.gms:play-services-wearable:8.4.0
...or perhaps other specific modules. But the point is, don't include
more than you need.
If you've pared the dependencies back as far as you can, and you're
still getting extra permissions in your merged manifest, then you may
need Solution #2 - which I described in detail in a different answer:
https://stackoverflow.com/a/31017339/252080
Hope this helps!
Following is the AndroidManifest.xml for a Simple Bluetooth pairing Android Project
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="com.example.bluetoothglassend"
android:versionCode="1"
android:versionName="1.0" >
<uses-permission
android:name="android.permission.BLUETOOTH"
android:maxSdkVersion="19" />
<uses-permission
android:name="android.permission.BLUETOOTH_ADMIN"
android:maxSdkVersion="19" />
<uses-permission
android:name="android.permission.BLUETOOTH_PRIVILEGED"
android:maxSdkVersion="19" />
<application
android:allowBackup="true"
android:icon="#drawable/ic_launcher"
android:label="#string/app_name"
android:theme="#style/AppTheme" >
<activity
android:name=".MainActivity"
android:label="#string/title_activity_main" >
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
</activity>
</application>
</manifest>
Although not required, I've added permissions for all BLUETOOTH parameters I can find. Yet, I get this error :
java.lang.SecurityException: Need BLUETOOTH permission: Neither user 10145 nor current process has android.permission.BLUETOOTH.
Any Ideas?
As an additional note, I imported this project in Android Studio from Intellij
The maxSdkVersion attribute version is for telling the highest API level at which this permission should be granted to your app. Setting this attribute is useful if the permission your app requires is no longer needed beginning at a certain API level.
For example, beginning with Android 4.4 (API level 19), it's no longer necessary for your app to request the WRITE_EXTERNAL_STORAGE permission when your app wants to write to its own application-specific directories on external storage (the directories provided by getExternalFilesDir()). However, the permission is required for API level 18 and lower. So you can declare that this permission is needed only up to API level 18 with a declaration such as this:
<uses-permission
android:name="android.permission.WRITE_EXTERNAL_STORAGE"
android:maxSdkVersion="18" />
This way, beginning with API level 19, the system will no longer grant your app the WRITE_EXTERNAL_STORAGE permission.
So the error was that even lollipop needs you to ask permission for accessing bluetooth.
Looks like it was a pretty straightforward solution. I was testing on Android Lollipop ( > maxSdkVersion ) hence the error.
When I install my app on an AVD (or a real device), it shows the requested permissions as "Storage - modify/delete SD card contents" and "Phone calls - read phone state and identity"
However, I don't need these permissions and have not requested them in my AndroidManifest.xml (see below).
What is causing these permissions to be requested, and how can I prevent the permissions being required?
<?xml version="1.0" encoding="utf-8"?>
<manifest android:versionCode="1" android:versionName="1.0" package="my.App"
xmlns:android="http://schemas.android.com/apk/res/android">
<application android:label="#string/app_name" android:debuggable="true">
<activity android:label="#string/app_name" android:icon="#drawable/icon" android:name="com.co.my.App">
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
</activity>
</application>
</manifest>
There may not be enough information here to diagnose the problem - any information about how required permissions are specified / calculated would be appreciated
These permissions were not required in the first release of Android.
In order to avoid apps developed against that breaking on subsequent release devices where they are required to perform associated actions, they are automatically added at install time if the AndroidManifest.xml does not have a uses sdk tag declaring a version subsequent to their introduction (which would be 3, if I recall correctly).
See http://developer.android.com/guide/topics/manifest/uses-sdk-element.html#target
I've been creating an android app and when I export (and sign) it, it always adds a "Development tools (test access to protected storage" permission that I had never set.
This is my manifest:
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="com.example.tdr"
android:versionCode="1"
android:versionName="1.0" >
<uses-sdk
android:minSdkVersion="8"
android:targetSdkVersion="15" />
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
<application
android:icon="#drawable/ic_launcher"
android:label="#string/app_name"
android:theme="#style/AppTheme">
<activity
android:name=".MainActivity"
android:label="#string/title_activity_main" >
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
</activity>
<activity
android:name="Escriure"
android:enabled="true" >
</activity>
<activity android:enabled="true" android:name="Llegir"></activity>
</application>
</manifest>
I do need to write and read files from the external storage, but not to use (¿?) development tools. Where is the problem? Thanks!
Android has added a new permission that needs to be added for Jelly Bean. Please read this article, which is copied below for quick reference:
Now, in Jelly Bean, we’re getting the “read external storage”
permission. According to Google:
READ_EXTERNAL_STORAGE
Provides protected read access to external
storage. In Android 4.1 by default all applications still have read
access. This will be changed in a future release to require that
applications explicitly request read access using this permission. If
your application already requests write access, it will automatically
get read access as well. There is a new developer option to turn on
read access restriction, for developers to test their applications
against how Android will behave in the future. So, when you hop into
the development options on your Jelly Bean device, don’t be surprised
to see this new option. We won’t see the permission in Android 4.1.0,
but most likely in 4.1.1, and its intention is to keep your device
more secure.
I come across a weird problem, I got an application allowing to freely change the font size on Android Device (Font Size Setter). It uses introspection to call some internal Android apis. To do this call, it needs the following permission : android.permission.CHANGE_CONFIGURATION. It worked like a charm under Android 4.0 and up to 4.2 where it does not work anymore.
Digging into logs I found out that I can't update font size because it misses this permission. Debbuging to check effective permissions, I got these when inspecting the PackageInfo corresponding to my app
requestedPermissions = {java.lang.String[2]#830038778728}
[0] = {java.lang.String#830038778760}"android.permission.CHANGE_CONFIGURATION"
[1] = {java.lang.String#830038778896}"android.permission.WRITE_SETTINGS"
requestedPermissionsFlags = {int[2]#830038779016}
[0] = 1
[1] = 3
Does somebody got any clue about what's going on, or any workaround idea ?
Thanks a lot for reading me.
Per request, the AndroidManifest.xml file
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="fr.gatay.android.fss"
android:versionCode="1"
android:versionName="1.0">
<uses-sdk android:minSdkVersion="14"/>
<uses-permission android:name="android.permission.CHANGE_CONFIGURATION" />
<uses-permission android:name="android.permission.WRITE_SETTINGS"/>
<application android:label="#string/app_name" android:icon="#drawable/app_icon">
<activity android:name=".MainActivity"
android:label="#string/app_name">
<intent-filter>
<action android:name="android.intent.action.MAIN"/>
<category android:name="android.intent.category.LAUNCHER"/>
</intent-filter>
</activity>
</application>
</manifest>
Check this post http://blog.sightidea.com/?p=44
You can ask your user to grant permission to the app with adb tool:
>adb shell
>pm grant com.yourapp.packagename android.permission.CHANGE_CONFIGURATION
The protection level of CHANGE_CONFIGURATION permission has been changed to "system|signature|development" (v4.2) from "dangerous" (v4.1 and below) since Android v4.2
It looks like that no way for 3rd part apps to get CHANGE_CONFIGURATION permission on Android 4.2+ devices. :-(
At least at present, CHANGE_CONFIGURATION requires for your app either to be signed by the firmware signing key or be installed on a system partition. You can see this by examining the framework manifest, where these permissions are defined.