When I do a dump of all permissions on all apps on a Nexus 7 I get (as expected) permissions with protection levels 0 (NORMAL), 1 (DANGEROUS), 2 (SIGNATURE). Nothing is logging under 3 (SIGNATURE_OR_SYSTEM)*.
But there are also a lot of permissions whose protection level is set at '18' and some that are '50'.
I can't find any documentation on what these values represent. Does anybody know?
*It's not logging anything under 3.
These are what was logged:
android.permission.ACCESS_CACHE_FILESYSTEM - 18
android.permission.ACCESS_CHECKIN_PROPERTIES - 18
android.permission.ACCESS_DOWNLOAD_MANAGER - 18
android.permission.ACCESS_DOWNLOAD_MANAGER_ADVANCED - 18
android.permission.ACCESS_MTP - 18
android.permission.ALLOW_ANY_CODEC_FOR_PLAYBACK - 18
android.permission.BACKUP - 18
android.permission.BIND_APPWIDGET - 18
android.permission.BIND_DIRECTORY_SEARCH - 18
android.permission.BIND_KEYGUARD_APPWIDGET - 18
android.permission.BIND_REMOTEVIEWS - 18
android.permission.BIND_WALLPAPER - 18
android.permission.CALL_PRIVILEGED - 18
android.permission.CHANGE_COMPONENT_ENABLED_STATE - 18
android.permission.CHANGE_CONFIGURATION - 18
android.permission.CONNECTIVITY_INTERNAL - 18
android.permission.CONTROL_LOCATION_UPDATES - 18
android.permission.CRYPT_KEEPER - 18
android.permission.DELETE_CACHE_FILES - 18
android.permission.DELETE_PACKAGES - 18
android.permission.DOWNLOAD_CACHE_NON_PURGEABLE - 18
android.permission.GLOBAL_SEARCH - 18
android.permission.INSTALL_LOCATION_PROVIDER - 18
android.permission.INSTALL_PACKAGES - 18
android.permission.MANAGE_USB - 18
android.permission.MANAGE_USERS - 18
android.permission.MASTER_CLEAR - 18
android.permission.MODIFY_APPWIDGET_BIND_PERMISSIONS - 18
android.permission.MODIFY_NETWORK_ACCOUNTING - 18
android.permission.MODIFY_PHONE_STATE - 18
android.permission.MOUNT_FORMAT_FILESYSTEMS - 18
android.permission.MOUNT_UNMOUNT_FILESYSTEMS - 18
android.permission.MOVE_PACKAGE - 18
android.permission.PACKAGE_USAGE_STATS - 18
android.permission.PACKAGE_VERIFICATION_AGENT - 18
android.permission.PERFORM_CDMA_PROVISIONING - 18
android.permission.READ_FRAME_BUFFER - 18
android.permission.READ_NETWORK_USAGE_HISTORY - 18
android.permission.READ_PRIVILEGED_PHONE_STATE - 18
android.permission.REBOOT - 18
android.permission.RECEIVE_DATA_ACTIVITY_CHANGE - 18
android.permission.RECEIVE_EMERGENCY_BROADCAST - 18
android.permission.RETRIEVE_WINDOW_CONTENT - 18
android.permission.SEND_SMS_NO_CONFIRMATION - 18
android.permission.SERIAL_PORT - 18
android.permission.SET_TIME - 18
android.permission.SET_WALLPAPER_COMPONENT - 18
android.permission.SHUTDOWN - 18
android.permission.STATUS_BAR - 18
android.permission.STOP_APP_SWITCHES - 18
android.permission.UPDATE_DEVICE_STATS - 18
android.permission.UPDATE_LOCK - 18
android.permission.WRITE_APN_SETTINGS - 18
android.permission.WRITE_GSERVICES - 18
android.permission.WRITE_MEDIA_STORAGE - 18
com.android.chrome.TOS_ACKED - 18
com.android.launcher.permission.PRELOAD_WORKSPACE - 18
com.android.vending.TOS_ACKED - 18
com.android.vending.billing.ADD_CREDIT_CARD - 18
com.android.vending.billing.BILLING_ACCOUNT_SERVICE - 18
com.google.android.c2dm.permission.SEND - 18
com.google.android.gallery3d.permission.GALLERY_PROVIDER - 18
com.google.android.gtalkservice.permission.SEND_HEARTBEAT - 18
com.google.android.partnersetup.permission.UPDATE_CLIENT_ID - 18
com.google.android.permission.BROADCAST_DATA_MESSAGE - 18
com.google.android.providers.gsf.permission.WRITE_GSERVICES - 18
com.google.android.xmpp.permission.BROADCAST - 18
com.google.android.xmpp.permission.XMPP_ENDPOINT_BROADCAST - 18
android.permission.CHANGE_CONFIGURATION - 50
android.permission.DUMP - 50
android.permission.INTERACT_ACROSS_USERS - 50
android.permission.READ_LOGS - 50
android.permission.SET_ALWAYS_FINISH - 50
android.permission.SET_ANIMATION_SCALE - 50
android.permission.SET_DEBUG_APP - 50
android.permission.SET_PROCESS_LIMIT - 50
android.permission.SIGNAL_PERSISTENT_PROCESSES - 50
android.permission.WRITE_SECURE_SETTINGS - 50
The three permission protection levels in Android are as follows: Normal Permissions. Signature Permissions. Dangerous Permissions.
Runtime permissions, also known as dangerous permissions, give your app additional access to restricted data, and they allow your app to perform restricted actions that more substantially affect the system and other apps.
3. Signature permissions signify the highest privilege; they can only be obtained if the requesting app is signed with the device manufacturer's certificate.
There are three protection levels that affect third-party apps: normal, signature, and dangerous permissions.
Just saw an old unanswered question. Although you might already get your answer, I'll answer it anyway. It may help others. :)
there are also a lot of permissions whose protection level is set at '18' and some that are '50'.
The following code is retrieved from PermissionInfo.java in Android Source:
/**
* Additional flag for {@link #protectionLevel}, corresponding
* to the <code>system</code> value of
* {@link android.R.attr#protectionLevel}.
*/
public static final int PROTECTION_FLAG_SYSTEM = 0x10;
/**
* Additional flag for {@link #protectionLevel}, corresponding
* to the <code>development</code> value of
* {@link android.R.attr#protectionLevel}.
*/
public static final int PROTECTION_FLAG_DEVELOPMENT = 0x20;
So if there is a signature/system permission, the level would be 18(0x10 | 0x2). If the permission use used for special development tools, it would be 50(0x10 | 0x20 | 0x2).
I can't find any documentation on what these values represent. Does anybody know?
As I answered in an existing question, you can checked the protection level and the description of these permissions in frameworks/base/core/res/AndroidManifest.xml
and frameworks/base/data/etc/platform.xml
. I post some of them here for your reference.
<!-- Configure an application for debugging. -->
<permission android:name="android.permission.SET_DEBUG_APP"
android:permissionGroup="android.permission-group.DEVELOPMENT_TOOLS"
android:protectionLevel="signature|system|development"
android:label="@string/permlab_setDebugApp"
android:description="@string/permdesc_setDebugApp" />
<!-- @hide Package verifier needs to have this permission before the PackageManager will
trust it to verify packages.
-->
<permission android:name="android.permission.PACKAGE_VERIFICATION_AGENT"
android:label="@string/permlab_packageVerificationAgent"
android:description="@string/permdesc_packageVerificationAgent"
android:protectionLevel="signature|system" />
If there is a @hide
annotation on that xml block, you cannot find any resources from documentation about this permission.
The development permission 0x20 that composes the ones you are referring to are a set of permissions introduced by Google to be used during Android development and they are never granted by the PackageManager
automatically. To be able to use them you must grant using adb shell pm grant permission
.
You can see the code that does that and the change that was introduced by Google on this 02/21/2012 commit.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With