Let's talk about the love and hate between ordinary permissions and dangerous permissions

Let's talk about the love and hate between ordinary permissions and dangerous permissions

In Android development, permissions are a security mechanism used to control applications' access to system resources and data. The Android system provides a series of permissions, including but not limited to accessing the network, reading storage, and positioning. When developing an application, developers need to declare the required permissions in the manifest file (AndroidManifest.xml) so that the permission request can be displayed to users when they install the application and the required permissions can be obtained at runtime.

Example of an application's permission declaration for network access:

 <uses-permission android:name="android.permission.INTERNET" />

Permissions are divided into two types: ordinary permissions and dangerous permissions. Ordinary permissions are permissions that do not involve user privacy and sensitive data, and the system automatically grants them to the application. Dangerous permissions are permissions that involve user privacy and sensitive data, and require authorization from the user at runtime. Developers need to process the results of user authorization in the code and dynamically request permissions when permissions are needed.

General permissions

Ordinary permissions refer to permissions that do not involve user privacy or device operation, and usually do not require explicit authorization from the user. Generally speaking, ordinary permissions include access to network status, access to the network, access to WiFi connection status, etc. In Android application development, ordinary permissions that need to be used can be declared in the manifest file (AndroidManifest.xml).

 ACCESS_CHECKIN_PROPERTIES:读取和写入“properties”表在checkin数据库中ACCESS_LOCATION_EXTRA_COMMANDS:访问额外的位置提供命令ACCESS_NETWORK_STATE:获取网络信息状态ACCESS_NOTIFICATION_POLICY:希望访问通知策略的应用程序的标记许可ACCESS_WIFI_STATE:获取当前WiFi接入的状态以及WLAN热点的信息ACCOUNT_MANAGER:通过账户验证方式访问账户管理ACCOUNT_MANAGER相关信息BATTERY_STATS:更新手机电池统计信息BIND_ACCESSIBILITY_SERVICE:请求accessibilityservice服务BIND_APPWIDGET:告诉appWidget服务需要访问小插件的数据库BIND_CARRIER_MESSAGING_SERVICE:绑定到运营商应用程序中的服务BIND_CARRIER_SERVICES:绑定到运营商应用程序中的服务BIND_CHOOSER_TARGET_SERVICE:由ChooserTargetService要求的服务BIND_DEVICE_ADMIN:请求系统管理员receiver BIND_DREAM_SERVICE:由一个DreamService要求的服务BIND_INCALL_SERVICE:请求MidiDeviceService服务BIND_INPUT_METHOD:请求InputMethodService服务BIND_MIDI_DEVICE_SERVICE:由一MidiDeviceService要求的服务BIND_NFC_SERVICE:由HostApduServiceOffHostApduService要求的服务BIND_NOTIFICATION_LISTENER_SERVICE:由notificationlistenerservice要求的服务BIND_PRINT_SERVICE:由printservice要求的服务BIND_REMOTEVIEWS:通过RemoteViewsService服务请求BIND_TELECOM_CONNECTION_SERVICE:由ConnectionService要求的服务BIND_TEXT_SERVICE:由textservice要求的服务BIND_TV_INPUT:由TvInputService要求的服务BIND_VOICE_INTERACTION:由VoiceInteractionService要求的服务BIND_VPN_SERVICE:通过VpnService服务请求BIND_WALLPAPER:通过WallpaperService服务请求BLUETOOTH:连接配对过的蓝牙设备BLUETOOTH_ADMIN:发现和配对新的蓝牙设备BLUETOOTH_PRIVILEGED:配对蓝牙设备,无需用户交互BROADCAST_PACKAGE_REMOVED:广播一个提示消息在一个应用程序包已经移除后BROADCAST_SMS:当收到短信时触发广播BROADCAST_STICKY:收到广播后快速收到下一个广播BROADCAST_WAP_PUSH:WAP PUSH服务收到后触发广播CALL_PRIVILEGED:拨打电话,替换系统的拨号器界面CAPTURE_AUDIO_OUTPUT:捕获音频输出CAPTURE_SECURE_VIDEO_OUTPUT:捕获视频输出CAPTURE_VIDEO_OUTPUT:捕获视频输出CHANGE_COMPONENT_ENABLED_STATE:改变组件是否启用状态CHANGE_CONFIGURATION:改变配置信息CHANGE_NETWORK_STATE:改变网络状态,如是否联网CHANGE_WIFI_MULTICAST_STATE:改变WiFi多播状态CHANGE_WIFI_STATE:改变WiFi状态CLEAR_APP_CACHE:清除应用缓存CONTROL_LOCATION_UPDATES:获得移动网络定位信息DELETE_CACHE_FILES:删除缓存文件DELETE_PACKAGES:删除应用DIAGNOSTIC:RW到诊断资源DISABLE_KEYGUARD:禁用键盘锁DUMP:获取系统dump信息EXPAND_STATUS_BAR:扩展或收缩状态栏FACTORY_TEST:运行工厂测试模式FLASHLIGHT:访问闪光灯GET_ACCOUNTS_PRIVILEGED:访问帐户服务中的帐户列表GET_PACKAGE_SIZE:获取任何package占用空间容量GET_TASKS:获取信息有关当前或最近运行的任务GLOBAL_SEARCH:允许全局搜索INSTALL_LOCATION_PROVIDER:安装定位提供INSTALL_PACKAGES:安装应用INSTALL_SHORTCUT:创建快捷方式INTERNET:访问网络连接KILL_BACKGROUND_PROCESSES:结束后台进LOCATION_HARDWARE:使用定位功能的硬件MANAGE_DOCUMENTS:管理文档访问MASTER_CLEAR:执行软格式化,删除系统配置信息MEDIA_CONTENT_CONTROL:控制播放和内容MODIFY_AUDIO_SETTINGS:修改声音设置信息MODIFY_PHONE_STATE:修改电话状态MOUNT_FORMAT_FILESYSTEMS:格式化可移动文件系统MOUNT_UNMOUNT_FILESYSTEMS:挂载、反挂载外部文件系统NFC:执行NFC近距离通讯操作PACKAGE_USAGE_STATS:设置他的activities显示PERSISTENT_ACTIVITY:创建一个永久的Activity READ_FRAME_BUFFER:读取帧缓存READ_INPUT_STATE:读取当前键的输入状态READ_LOGS:读取系统底层日志READ_SYNC_SETTINGS:读取同步设置READ_SYNC_STATS:读取同步状态READ_VOICEMAIL:读取语音邮件REBOOT:重新启动设备RECEIVE_BOOT_COMPLETED:开机自动运行REORDER_TASKS:重新排序系统Z轴运行中的任务REQUEST_IGNORE_BATTERY_OPTIMIZATIONS:请求忽略电池优化REQUEST_INSTALL_PACKAGES:请求安装包RESTART_PACKAGES:结束任务SEND_RESPOND_VIA_MESSAGE:即时的短信息回复SET_ALARM:设置闹铃提醒SET_ALWAYS_FINISH:程序在后台是否总是退出SET_ANIMATION_SCALE:设置全局动画缩放SET_DEBUG_APP:设置调试程序SET_PREFERRED_APPLICATIONS:设置应用的参数SET_PROCESS_LIMIT:设置最大的进程数量的限制SET_TIME:设置系统时间SET_TIME_ZONE:设置系统时区SET_WALLPAPER:设置桌面壁纸SET_WALLPAPER_HINTS:设置壁纸建议SIGNAL_PERSISTENT_PROCESSES:发送一个永久的进程信号STATUS_BAR:打开、关闭、禁用状态栏SYSTEM_ALERT_WINDOW:显示系统窗口TRANSMIT_IR:使用设备的红外发射器UNINSTALL_SHORTCUT:删除快捷方式UPDATE_DEVICE_STATS:更新设备状态USE_FINGERPRINT:使用指纹硬件VIBRATE:允许程序振动WAKE_LOCK :允许程序在手机屏幕关闭后后台进程仍然运行WRITE_APN_SETTINGS:允许程序写入网络GPRS接入点设置WRITE_GSERVICES:允许程序修改Google服务地图WRITE_SECURE_SETTINGS:允许应用程序读取或写入安全系统设置WRITE_SETTINGS:允许程序读取或写入系统设置WRITE_SYNC_SETTINGS:允许程序写入同步设置WRITE_VOICEMAIL:允许应用程序修改和删除系统中的现有的语音邮件,只有系统才能使用

Dangerous permissions

In the Android system, dangerous permissions refer to those that involve user privacy or may have a significant impact on the device. These permissions require explicit authorization from the user before they can be called by the application.

SMS permissions

 SEND_SMS:发送短信RECEIVE_SMS:接收短信READ_SMS:读取短信RECEIVE_WAP_PUSH:接收WAP Push消息RECEIVE_MMS:接收彩信

Contact Permissions

 READ_CONTACTS:读取联系人WRITE_CONTACTS:写入联系人GET_ACCOUNTS:访问帐户列表

Storage permissions

 READ_EXTERNAL_STORAGE:读取SD卡中的内容WRITE_EXTERNAL_STORAGE:向SD卡中写入内容

Phone permissions

 READ_PHONE_STATE:读取手机状态CALL_PHONE:拨打电话READ_CALL_LOG:读取通话记录WRITE_CALL_LOG:写入通话记录ADD_VOICEMAIL:添加语音信箱USE_SIP:使用SIP协议进行网络电话PROCESS_OUTGOING_CALLS:处理呼出电话

Calendar permissions

 READ_CALENDAR:读取日历WRITE_CALENDAR:写入日历

Camera permissions

 CAMERA:访问摄像头

Location permissions

 ACCESS_FINE_LOCATION:访问精准位置ACCESS_COARSE_LOCATION:访问大致位置

Sensor permissions

 BODY_SENSORS:访问传感器

Microphone permissions

 RECORD_AUDIO:录音

The use of these dangerous permissions requires user authorization, and developers need to clearly explain the reasons for using these permissions in the application.

<<:  How do iPhone and Android phones receive push notifications?

>>:  In-depth study of Android Dalvik's Dex file format

Recommend

Top 10 Marketing Keywords in 2020

Looking back at 2020, although affected by the ep...

Frequently asked questions and answers about user growth!

This article is just a beginning, sorting out 5 v...

Encountering the "flame" of the starry sky: exploring the mystery of the sun

Produced by: Science Popularization China Author:...

Discussion on the technical architecture and application model of mobile payment

With the full advancement of bank card chipizatio...

Tips for breaking 1 billion GMV in live streaming!

Many people may think that a set of gameplay must...

The pain is unbearable when my nails just show their sharp corners

I don’t need to describe the feeling of stubbing ...

How to get the approval of senior management for SEO implementation plan?

As an SEO for a large company, the most difficult...

Why are high-defense servers so expensive?

Why are high-defense servers so expensive? The In...

The goldfish has been wronged for so long, will it really eat to death?

Goldfish don’t die from being “overfed”, they die...