Académique Documents
Professionnel Documents
Culture Documents
(Android Platform)
Application Permissions
Tahir Farooq
FAST-NU
This Lecture
• The Application Permissions
Android security architecture
• No application, by default, has permission to
perform any operations that would adversely
impact other applications, the operating system, or
the user.
<manifest … >
<uses-permission android:name="android.permission.CAMERA”/>
<uses-permission android:name="android.permission.INTERNET”/>
<uses-permission android:name=“android.permission.ACCESS_FINE_LOCATION”/>
…
</manifest >
http://developer.android.com/reference/android/Manifest.permission.html
~ 150 permissions
• Which of the following describe situations where
permissions might be used?
To restrict access to costly operations.
To restrict access to device hardware features.
To restrict access to user data.
To restrict application loading to devices that run a specific
version of Android.
• Which of the following describe situations where
permissions might be used?
√ To restrict access to costly operations.
√ To restrict access to device hardware features.
√ To restrict access to user data.
× To restrict application loading to devices that run a specific
version of Android.
• Which XML tag does an application use to specify
permissions that the device's user must grant to the
application before that application can run on the
user's device.
– android:permission.
– <permission>
– <uses-permission>
– <define-permission>
• Which XML tag does an application use to specify
permissions that the device's user must grant to the
application before that application can run on the
user's device.
× android:permission.
× <permission>
√ <uses-permission>
× <define-permission>
Defining Permissions
• Apps can also define and enforce their own
permissions
– Other Applications must get your permission
• Suppose your application performs a
privileged/dangerous operation
• You might not want to allow just any application to
invoke yours
• So you can define & enforce your own permission
Permission Format Card Example
• Simple Application that performs a (just pretend)
dangerous action
– Formatting External Memory Card
Define & Enforce Permission
• IF you don’t want just anyone to run
– PermissionExampleBoom
• Define & enforce an application-specific permission
App 1 App 2
Start Activity 2
Intent Intent
<manifest … >
<manifest … > <permission
android:name=“SpecialPermission”
<uses-permission android:name=“SpecialPermission”/> android:label=“SpecialPermission”
android:description=“SpecialPermission”/>
…
…
</manifest > <uses-permission android:name=“SpecialPermission”/>
…
</manifest >
• Which XML tag or attribute is used to specify an
application-specific permission that an application
requires of any other application that wants to
interact with it?
– android:permission
– <permission>
– <uses-permission>
– <define-permission>
• Which XML tag or attribute is used to specify an
application-specific permission that an application
requires of any other application that wants to
interact with it?
× android:permission
√ <permission>
× <uses-permission>
× <define-permission>
Component Level Permissions
• Individual components can set their own
permissions, restricting which other components
can access them
• http://developer.android.com/guide/topics/security/permissions.html