5,594,341 Members 38,041 Now Online
XDA Developers Android and Mobile Development Forum

Objective of Kitkat SD Card Permissions

Tip us?
 
nlatifolia
Old
#1  
nlatifolia's Avatar
Senior Member - OP
Thanks Meter 33
Posts: 146
Join Date: Jan 2014
Location: Malang, Indonesia

 
DONATE TO ME
Default Objective of Kitkat SD Card Permissions

Regarding 4.4 Kitkat External SD Card access permision, anyone can explain to us what is the objective of having such rigid permissions ?

"....

Starting in Android 4.4, the owner, group and modes of files on external storage devices are now synthesized based on directory structure. This enables apps to manage their package-specific directories on external storage without requiring they hold the broad WRITE_EXTERNAL_STORAGE permission. For example, the app with package name com.example.foo can now freely access Android/data/com.example.foo/ on external storage devices with no permissions. These synthesized permissions are accomplished by wrapping raw storage devices in a FUSE daemon.
..."

Full source : http://source.android.com/devices/tech/storage/
 
aydc
Old
#2  
aydc's Avatar
Senior Member
Thanks Meter 377
Posts: 992
Join Date: Jul 2006
On 4.3 and older, a malicious app can wipe the whole sdcard with standard permissions. New permissions prevent it.
The Following User Says Thank You to aydc For This Useful Post: [ Click to Expand ]
 
nlatifolia
Old
#3  
nlatifolia's Avatar
Senior Member - OP
Thanks Meter 33
Posts: 146
Join Date: Jan 2014
Location: Malang, Indonesia

 
DONATE TO ME
Quote:
Originally Posted by aydc View Post
On 4.3 and older, a malicious app can wipe the whole sdcard with standard permissions. New permissions prevent it.
So this is useful then not a considered 'bug'..

I guess there will be no benefits anymore to use 3rd party file manager if we dont root our phones. Niche market just collapsed.
 
pete4k
Old
#4  
Senior Member
Thanks Meter 53
Posts: 315
Join Date: Jan 2014
Sorry, but I have follow up questions:
I wonder how many malicious pieces of software like that are in a Google Play store to warrant breaking most third party applications that write to SD card? But I guess now, that apps can't write to SD card, there will be not much to protect there anyhow? And how will this all work in the future, once apps get their permissions fixed? I won't be allowed to access my card or format it at will? or will I be able to grant those permissions, but then how would I know the software is malicious any more than I know now? Am I too stupid to grasp the logic of all this?
 
nlatifolia
Old
#5  
nlatifolia's Avatar
Senior Member - OP
Thanks Meter 33
Posts: 146
Join Date: Jan 2014
Location: Malang, Indonesia

 
DONATE TO ME
Quote:
Originally Posted by pete4k View Post
Sorry, but I have follow up questions:
I wonder how many malicious pieces of software like that are in a Google Play store to warrant breaking most third party applications that write to SD card? But I guess now, that apps can't write to SD card, there will be not much to protect there anyhow? And how will this all work in the future, once apps get their permissions fixed? I won't be allowed to access my card or format it at will? or will I be able to grant those permissions, but then how would I know the software is malicious any more than I know now? Am I too stupid to grasp the logic of all this?
That's what I had in mind too but if you see from the source link above I think Google is anticipating MULTI USER environment where some "stuffs" from me could wrack havoc some of "your stuffs". That scenario actually will only happen on MULTI USER tablet / smartphone, but that surely not mainstream are they ?
 
meti84
Old
#6  
Member
Thanks Meter 4
Posts: 43
Join Date: Nov 2008
Location: Brescia
Quote:
Originally Posted by pete4k View Post
Sorry, but I have follow up questions:
I wonder how many malicious pieces of software like that are in a Google Play store to warrant breaking most third party applications that write to SD card? But I guess now, that apps can't write to SD card, there will be not much to protect there anyhow? And how will this all work in the future, once apps get their permissions fixed? I won't be allowed to access my card or format it at will? or will I be able to grant those permissions, but then how would I know the software is malicious any more than I know now? Am I too stupid to grasp the logic of all this?
As stated on source.android.com:

Starting in Android 4.4, the owner, group and modes of files on external storage devices are now synthesized based on directory structure. This enables apps to manage their package-specific directories on external storage without requiring they hold the broad WRITE_EXTERNAL_STORAGE permission. For example, the app with package name com.example.foo can now freely access Android/data/com.example.foo/ on external storage devices with no permissions. These synthesized permissions are accomplished by wrapping raw storage devices in a FUSE daemon.
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes


XDA PORTAL POSTS

HTC Releases Dual Lens SDK for the HTC One M8 (2014)

One of the highlights of the HTC One M8is its new dual lens camera system. Termed … more

Google ATAP Reveals Project Ara Developer Kits and 100K Prize Challenge

Today, Paul Eremenko from Google’s Advanced Technology and … more

Configure Your System Settings on a Per-App Basis

Do you ever like to make sure that certain device settings are enabled prior to entering a … more