Hacker News new | past | comments | ask | show | jobs | submit login

I'm not an expert on Android permissions, but those seem reasonable to me. What permissions do you have a problem with, and what should they replace it with, or do you think is totally unnecessary?



It would be interesting to know why a news reading application needs full access to my file system.


The BBC news app caches pics and content - that's how when you open it a second time (even if it was shut down) it can show the tiles really quickly without downloading them.


Okay, and why does that mean it needs access to my complete filesystem rather than just a little namespaced, security-controlled chunk of filesystem allocated by the OS to it?


Historically, on Android, there has been very little space in the data area for each individual app. An app that cached to that would have been unusable on my Nexus One for example, where I constantly had to delete apps whenever I wanted to install a new one, and I had very few - something like 10 or 15.

The best place for the user has been to cache to the SD card, or the internal storage partition setup to look like an SD card. There are even many root required hacks to move app data to there and similar. The storage permission is needed to access the SD card, however.

Even in non-rooted Android things are changing, however. Apps that accept certain limitations, like no reliable background services, can be set to be installed to SD card. The latest versions do away with mounting as an SD card entirely and should help unify the storage, although everyone hates the new MTP protocol being used to access data from the PC when the phone is plugging in now.


One issue with these permissions is that I don't have a clue what they mean. Does the list of permissions I posted give that app the right to read all my personal data and upload it to one of their servers? Can it delete all my contacts or pictures? Can it make phone calls on my behalf or record my phone calls and upload the audio file to a server?


I know it's not answering your actual point, but I'll answer your specific questions. No, it can't record audio, or make phone calls on your behalf -- both require specific permissions that aren't listed here. It can't access your contacts at all, either, as that requires a specific permission.

Pictures are stored on the SD card, so the app could read all your pictures, upload them, then delete them. Newer devices have more internal storage, so hopefully applications will gradually move away from using this permission. Apparently, the next version of Android will introduce a new permission for reading the SD card too -- at present, any application may read from the SD card.

"Read[ing] all my personal data" depends on what you count as personal data -- security-sensitive info should not be on the SD card (things like phone number (although the phone state and identity permission gives access to this), contacts, account details), but anything that is on the SD card may be read by any application. That means pictures and music, at least.

I wonder if it might be useful to always list all of the common permissions, to make it easier to see which ones an application doesn't have. I've installed enough Android apps to have a reasonable idea of what's available (and by extension, what any given app can't do) but it's reasonable to assume I'm in a small minority.


Why not just do the same thing we have been using for years, /tmp. If the program just needs scratch space why do we deem it proper to allow any app to traverse an entire partition so it can set down a couple of files?


Thanks for the info. I agree that knowing what an app can't do would be very useful.

And I think there should be a notion of "secure/private/encrypted storage". So when I tell an app to store some item there, I can be absolutely certain that no other app will ever be able to access it, regardless of any permissions.


Every app has its own protected storage space, but that's historically often been quite restricted in size. This is where things like SQLite databases are usually stored. It's also (pretty much by definition) not accessible using a file manager and it's much more difficult to share data from it, so it's not appropriate for music or pictures.




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: