Hello everyone,
I am a computer science student, noob java developer, web and database programmer and a general all around nerdy fellow.
Short Version (if you don't want to read):
How does the application level permission system work on the Android OS? Is it all simply held within the Manifest.permission xml file? Every time an application commits to an action that would require permission, does it simply do a quick check of the ID and then cross-reference the Manifest.permission file at the system level?
Long Version (if you want to read):
I have been looking at LBE Security as an app to allow me to control on a per app basis which permissions they are allowed to have. A wicked awesome idea. The only problem (aside from it not being open source) is that it drains the battery through CPU usage of its active guard feature.
I thought to myself there must be a simple way to manage the permissions of all apps without the necessity of a background service continually running. Could not an app be created (which would of course require root access) that would allow you to edit (through a GUI) the permissions of all your applications. Write to the Manifest.permission the appropriate changes and then close. Thus negating any continuously running background service drain on the CPU/mem=> battery?
Is this how all permissions for applications are handled through this one file? Or am I missing something?
I have searched quite a bit, as far as I can tell its all handled by Manifest.permission. Please enlighten me if I am mistaken.
Related
Helping friend with a cheating husband. She wants something that can log URLs visited to see if he's making new webmail accounts. Any suggestions?
I figured a stealthy way to do this would be something like privoxy installed via the commandline and started in an init script. He's already rooted his phone, so that should make things a bit easier.
Basically the requirements are hidden (doesn't show in apps list or drawer), can log URLs, doesn't add significant battery drain. I see a bunch of paid apps (mobispy, etc) but can't verify if they're hidden from android OS. If he can just kill it with a something like ES Task Manager and uninstall it with Settings->Apps, it's probably not sufficient.
NDK
Hi.
You can introduce any cross compiled binary into the android system if the phone is already rooted. You can compile programs via the NDK and put them in /system, androids software center will never now.
It's probably easiest to install a network sniffer like tcpdump or even better tshark from wireshark. Just start it in init.d and let it write the first 1k bytes of every packet (port 80/443) to a capture file hidden in some sub directory. This will most likely drain battery.
As for hiding in the process list, it's probably easier to rename your sniffer to something harmless like 'wpa-agent'.
* BUT *
You basically want to introduce malware on another ones phone. This might be a felony in your country. And it's certainly unethical. In these cases I always suggest talking to the partner instead of spying. If it comes to spying on your partner the trust, which is needed in a relationship, is already severly damaged. And I'm really not sure that looking out for webmail accounts will repair this trust.
Being a Noob to Android I thought I'd install some location based profile software which is one of the things that Android owners always say they can do which is lacking from the iPhone.(where I come from)
Lamma seems to be recommended but the permissions it asks for include:
"Add or modify calendar events and send email to guests without owners' knowledge. read calendar events plus confidential information"
clicking on the detail is even more scary.
Android tells you what it's going to do - but do users actually allow this? Most apps seem to want permissions that you would have to be mad to accept.
Can I not install any useful app without agreeing to terms that are unacceptable?
What am i missing? Do people just allow unrestricted access? Not install any app? or is there a way of installing apps but not giving them stupid access?
I can't believe people allow that sort of access - I must be missing something.
Some custom after market ROMs allow to drop any permission by user but it may render app useless.
Most of the time apps are not malware, but sometimes they may be. You can contact developer of the app requesting for reasons of these permissions and he may reply better.
you can always use auto start manager app within the rom toolbox to control the permissions of the apps..
Confucious said:
Being a Noob to Android I thought I'd install some location based profile software which is one of the things that Android owners always say they can do which is lacking from the iPhone.(where I come from)
Lamma seems to be recommended but the permissions it asks for include:
"Add or modify calendar events and send email to guests without owners' knowledge. read calendar events plus confidential information"
clicking on the detail is even more scary.
Android tells you what it's going to do - but do users actually allow this? Most apps seem to want permissions that you would have to be mad to accept.
Can I not install any useful app without agreeing to terms that are unacceptable?
What am i missing? Do people just allow unrestricted access? Not install any app? or is there a way of installing apps but not giving them stupid access?
I can't believe people allow that sort of access - I must be missing something.
Click to expand...
Click to collapse
You really have to think about what the app could be using the permission for, for example something like tasker pretty much needs every permission going because it allows you to set anything up as a profile etc.
The rule of thumb is to look at the app reviews, look at the permissions and just think about what the app could be using it for.
Sure a soundboard style app shouldnt need to make phone calls but many apps do need permissions that at first glance you might not think are needed.
And if your really in doubt email the developer and ask them to explain why they need this permission.
Surprise :laugh:
http://www.xda-developers.com/android/manage-individual-app-permissions-with-xprivacy/
How to redefine app "system permissions" ? Or if not possible howto make app that ...
Hi Everyone,
I'm new to android, and having 2 different phones (running 5.1.1 and 6.0.1 versions, both rooted) and numbers I have quite some issues with apps (paying gps outdoor app, whatsapp,...) and since I travel a lot many connections issues to accounts on other apps "you seem to not be...." with codes I don't get because I'm roaming
In order to find a way to use them with the same accounts and settings on both phones and to solve the authentication issues, I took different angles to solve it, but none worked. In doing so I discovered many ways to enforce permissions through the code that where disabled by the user (worse than I thought). Well I dislike and want to change it.
Anyway to make things shortne approach is to completely limit the app access all localisation approach, phone ID, number, carrier, IP number, other accounts on the phone....
On the 5.1.1 I tried:
App Ops => allows to "change" if one looks in the App, but changes are not effective (way apps work and according to "Explorateur de permissions")
Apk permissions works but only on some user installed apps, I tried moving system apk to other folders, change them through the Apk permissions and reinstall them, didn't work
Decompiling the apk with Apk Studio, changing manifest, recompiling, reinstalling seems to not be enough, if I understood it right if the code contains specific rights and there not in the manifest, it doesn't work. Right
next step would be to dig into the code and change it...
All this is extremely time consuming even if it would be the "clean way"
On the 6.0.1 :
I removed the bloatware with Root Uninstaller,
Modified the permissions apps had, incl system apps
And since some apps still seemed to exchange some information over data or wifi, I limited all background data usage over data or wifi.
All this make my phone much less user friendly and does not solve my issues
So please, I you know of a reliable "easy" way to really manage permissions, or to generate a master permission file that overwrites apps permissions? removing all weird "granted", or if you have any idea on how you'd start it, please let me know
From this "clean approach" I got to spoofing, which seemed to be a solution to work around some issues using several different apps that would change the location, the IP, the network, VPN, spoof caller ID, ...
Well... since I had discovered all kind of right that can be given to an app, I checked their manifests before installing them. They might solve some issues, but generate worse problems (billing?!!all social media accounts?! create social accounts?!?)
So is there a clean app that lets you temporarily "clone" phone1 on phone 2 considering they are not at all the same (manufacturer, android, phoneID, carrier, phone number) and change the location and this only to some apps? Still have to use SIM carrier.
If not, any hints on how to write this?
thx :laugh:
---------------------
Hasbeen developper, totally new to Android who still believes that technology should allow to increase productivity and respect FREEDOM and PRIVACY.
I am building a project in which I need to make my app run every time like the split screen.
The first section must be 30% of screen and user can not remove/uninstall my app and even he can not kill the app.
My app needs to be run all the time and in 70% of screen the end user can run anything they want.
I am trying to understand the aosp for emulator to make a partition in android screen 30% for my app and 70% for rest of the apps.
Please do not warn me about licence and other EULA terms because my client already handling that.
I am trying to do this by modifying the SystemUI and the framework apps but no luck
Can anyone suggest the best practice to achieve this?
Thanks in advance.
TL,DR: the possibility to control permissions in apps are one of the most important advantages of rooting (in my opinion).
Seeing that App Settings is somewhat being underestimated, let’s talk about the powerful permission manager that it has.
I think that permission management alone is one of the most important things of rooting. The possibility to control what permissions grant to apps, besides what Google wants you to be able to control in Android, is absolutely critical for a power user.
Let’s see some examples. Right now everything is “free” because telemetry and you being “the product” for companies... You can be OK with that if you want to. But where did you accept that EVERYTHING in your cell phone should have ads? I don’t remember accepting that... Well, thanks to rooting + AdAway + some browsers and user permission management, you can have a ad-free cell phone (really) and with more battery life, less background internet usage and faster because you can stop every app for syncing constantly because of ads...
There was a time when almost the only app that could do effectively permissions management for rooted cellphones was Stericson’s “Permissions Denied”. The problem was that you needed to restart your Android System everytime you changed permissions, and in later Android and the app versions it was being less stable and effective.
With the great xPosed everything changed. Now you have some modules that took over that advantage. Some of them are: xPrivacy, Permissions Master, and App Settings.
In my humble opinion, xPrivacy works as a some sort of “permissions firewall”. It has deep control of some aspects, but at the cost of too many things to pay attention to, and resources of the system.
The approach of Permissions Denied / Permissions Master and App Settings is that them work similar of controlling permissions as if you control some Internet connections in Windows systems with the “hosts file”.
You can select from available permissions and, for example, control and deny Internet access completely to an app. Android permissions management won’t allow you to stop an app from connecting to Internet altogether, because of ads.
If some “ruler app” for example, claims that is “free” and “ad free”, whatever reason... Why should it connect to Internet, have access to your contacts, etc.? Let’s imagine that you still want to use that app, but you don’t want it to connect to Internet. Solution? App Settings!!!
And the advantage of App Settings is that it works in real time. If you change some permission for an app and it stop working, you can reverse that, and it works almost instantly. Permissions Master is similar, but some changes won’t stick denying permissions to apps.
I simply can’t believe that the rooting community, with XDA being one of the greatest forums about Android tuning, is letting App Settings fade away.
So, consider this just a reminder that being able to control fast, and effectively ALL the permissions that apps use in your Android System is one big advantage that deserves to not disappear, if we still care for rooting and user controlling what the apps in your system are doing.
One last thing, another example of permissions to control in your Android are: what apps should start after booting, what apps should keep working in the background, which ones should access your contacts... etc.
With App Settings you can control all that and more, in a fast, effective and easy way. I love Firefox, but I don’t want it to start while Android boots, or be able to access my camera (I don’t use Firefox for any camera related thing), etc.
You can’t do that at the same level with Android permissions management. It just let you control stuff that won’t go against ad industry. It’s understandable, but Google won’t be harmed by the minority of us that just want to be able to control which apps should connect to Internet and which ones shouldn’t...
I would love to contribute to Apps Settings development, but sadly coding isn't one of my capabilities. This thread wasn't intended to explain to the great and brilliant community of XDA what App Settings do (you already know), it just a general description for everyone and try to keep the user permissions management in spotlight.
If you reached here, thank you for reading!
Sorry for my english, it’s not my native language.