Welcome to XDA

Search to go directly to your device's forum

Register an account

Unlock full posting privileges

Ask a question

No registration required
Post Reply

[Q] Permissions manager?

OP rogier666

16th April 2011, 04:59 AM   |  #1  
OP Senior Member
Thanks Meter: 126
 
544 posts
Join Date:Joined: Jan 2011
Some apps ask for more permissions than I want to give them.

With DroidWall I can take internet permissions away from individual apps, which is great for all those app that demand internet access even though they work fine without it. But what if I want to remove other permissions, such as access to my location or my contacts?

There is a manual way to edit unwanted permissions out of .apk files, but this method is not meant for human consumption.

Q: Is there an app that lets me allow/deny permissions per app?
16th April 2011, 06:26 AM   |  #2  
kevin@TeslaCoil's Avatar
Senior Member
Flag Chicago
Thanks Meter: 4,898
 
498 posts
Join Date:Joined: May 2010
It is not possible and is a very bad idea to do by modifying the APK.

I agree it'd be cool if Android was implemented to allow optional permissions. I hate adding permissions to my apps because I know some users don't want to give them. But Android is not designed this way.

Here's how I and just about every other developer would do something like make use of the READ_PHONE_STATE permissions to read your IMEI:
Code:
 TelephonyManager tm = (TelephonyManager) context.getSystemService(Context.TELEPHONY_SERVICE);
String deviceId = tm.getDeviceId();
Without the READ_PHONE_STATE permission, the above could would do this:


It's possible for developers to write their code to handle not having a permission they expect to have:
Code:
 
String deviceId;
try { TelephonyManager tm = (TelephonyManager) context.getSystemService(Context.TELEPHONY_SERVICE);
deviceId = tm.getDeviceId();
} catch (SecurityException ex) {
deviceId = "1234";
}
However no app dev does this. And unless a future version of Android itself were to allow this, it's unlikely app devs would take the time to test and update their apps to gracefully degrade when the user has used some hacky method to restrict the app. (I wouldn't. I have to do enough testing already just supporting all the manufacture skins and custom roms.)

If you question a permission you should ask the dev. And if you don't like the answer, or don't trust the dev, you should avoid the app.

(DroidWall doesn't remove the INTERNET permission, it just firewalls off the app from using the internet. Looks like a network connection issue to the app, which already has to be handle gracefully.)
The Following 3 Users Say Thank You to kevin@TeslaCoil For This Useful Post: [ View ]
16th April 2011, 07:03 AM   |  #3  
OP Senior Member
Thanks Meter: 126
 
544 posts
Join Date:Joined: Jan 2011
DroidWall tells the apps it blocks that there is no live internet connection, even though the connection is alive and kicking for every other app. AdBlock works in a similar way: it doesn't deny apps from calling their banner farm, it just keeps it out of reach by redirecting the request to 127.0.0.1.

There are many ways to make apps believe they've got permissions that they don't really have.

For example, a permissions manager could spoof an empty contacts list for apps that want to read your phone book. Apps that want to know where you are for no good reason would only have to be fed some random coordinates instead of getting your real location.

Maybe Android was not designed that way, but one of the advantages of an open system is that you can make it do things beyond the original specs. If we root our phones and install custom ROMs to get rid of unwanted bloatware, why not apply similar techniques to get rid of unwanted app permissions?

Of course you could simply avoid apps that ask for too many permissions (but only if suitable alternative apps are available), but such a sledgehammer approach wouldn't be necessary with a permissions manager that gives you more subtle tools to tame your apps. This way you can have the best of both worlds: remove undesired permissions without throwing out the entire app.
Last edited by rogier666; 16th April 2011 at 07:18 AM.
16th April 2011, 08:43 AM   |  #4  
Member
Thanks Meter: 18
 
52 posts
Join Date:Joined: Dec 2010
It's been done in the lab, hopefully they release source. The paper is a pretty good read, and not overly verbose.
Can't post links, don't want to spam 8 posts for it, so Google for "Taming Information-Stealing Smartphone Applications". The paper is from NCSU.
16th April 2011, 09:52 PM   |  #5  
OP Senior Member
Thanks Meter: 126
 
544 posts
Join Date:Joined: Jan 2011
Exactly what I'm looking for. Let's hope it hits the market soon!

The long version (in pdf format): http://www.csc.ncsu.edu/faculty/jiang/pubs/TRUST11.pdf

The short version: http://insciences.org/article.php?article_id=10052

Even shorter: http://apps.findingthis.com/utilitie...-applications/

Screenshot:
The Following User Says Thank You to rogier666 For This Useful Post: [ View ]
5th May 2011, 05:55 AM   |  #6  
OP Senior Member
Thanks Meter: 126
 
544 posts
Join Date:Joined: Jan 2011
Permissions manager for rooted phones from the author of Busybox: Permissions Denied.
The Following User Says Thank You to rogier666 For This Useful Post: [ View ]
5th May 2011, 06:29 AM   |  #7  
Senior Member
Flag Palm Bay, FL
Thanks Meter: 10
 
110 posts
Join Date:Joined: Apr 2011
More
Unfortunately, it looks like Permissions Denied actually denies permissions rather than spoofing them, so I would expect most apps to crash as mentioned by kevin. The spoofing approach in the NCSU papers seems like the more robust approach unless and until Google implements optional permissions, at which point app developers would hopefully start adding graceful permission exception handlers.

Sent from my Dinc via XDA app.
19th October 2011, 04:25 PM   |  #8  
Senior Member
Flag Warsaw
Thanks Meter: 266
 
1,014 posts
Join Date:Joined: Jul 2009
More
This is really the worst "feature" of Android. Someone should fix it really fast even creating a "shadow" distro with patched permission manager (if it cannot be done as an add-on).

Is anything new in this topic around?
The Following User Says Thank You to krzych For This Useful Post: [ View ]
19th October 2011, 07:46 PM   |  #9  
lufc's Avatar
Retired Senior Moderator / Resident Priest
Flag Blackpool UK
Thanks Meter: 1,532
 
9,521 posts
Join Date:Joined: Oct 2007
Donate to Me
More
Please use the Q&A Forum for questions Thanks
Moving to Q&A
25th March 2012, 09:35 PM   |  #10  
Member
Thanks Meter: 2
 
41 posts
Join Date:Joined: Dec 2007
Quote:
Originally Posted by rogier666

Some apps ask for more permissions than I want to give them.

Q: Is there an app that lets me allow/deny permissions per app?

Did they ever release the TISSA app? I can't find anything about the app since last April.

Post Reply Subscribe to Thread

Tags
permissions
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes