Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Complete list of iOS app permissions [closed]

Tags:

Different web sites (e.g.) explain that the iOS permission model works like this: All apps have a set of basic permissions (including Internet access). If an additional permission is required during runtime the user is asked whether to grant or deny it.

Which permissions does iOS know? What belongs to the basic permissions set? What can be done without user consent? Basically I am looking for a list similar to this one, just for iOS

like image 776
Jack Miller Avatar asked Apr 27 '15 11:04

Jack Miller


People also ask

How do you check permission history on iPhone?

Go to Settings > Privacy, then tap App Privacy Report (iOS 15.2 or later). The App Privacy Report shows you how apps are using the permissions you granted them and shows you their network activity.

Can I turn off all app permissions?

To see a more comprehensive list of permissions, you can tap on the Apps & notifications screen, then tap App permissions. In this window, you can browse apps by the permissions they access, and turn off any you like.

Which file is responsible for app permission on iOS?

An iOS app linked on or after iOS 10.0 must include in its Info. plist file the usage description keys for the types of data it needs to access or it will crash.

How do I get permissions off my iPhone apps?

From the Settings app, tap Privacy to see all the permissions available on your phone: access to photos, motion and fitness data, your phone's location, and so on. Tap on any entry to see the apps granted those permissions and to disable those permissions, if necessary.


2 Answers

In contrast to other answers, there is an official list of permissions that are asked at runtime. It is in the iOS Security Guide (p. 84):

iOS helps prevent apps from accessing a user’s personal information without permission. Additionally, in Settings, users can see which apps they have permitted to access certain information, as well as grant or revoke any future access. This includes access to:

  • Contacts
  • Calendars
  • Reminders
  • Photos
  • Motion activity and fitness
  • Location Services
  • Apple Music
  • Your music and video activity
  • Microphone
  • Camera
  • HomeKit
  • Health
  • Speech recognition
  • Bluetooth sharing
  • Your media library

If the user signs in to iCloud, apps are granted access by default to iCloud Drive. Users may control each app’s access under iCloud in Settings. Additionally, iOS provides restrictions that prevent data movement between apps and accounts installed by an MDM solution and those installed by the user.

Since iOS 10 it is required to provide a description for the requested permission. In the developer documentation of the frameworks you will see if such a description is required and accessing it's API will lead to an permission prompt (or crash if not description is given), e.g. see the hint in the developer documentation of the Contacts framework:

Important

An iOS app linked on or after iOS 10.0 must include in its Info.plist file the usage description keys for the types of data it needs to access or it will crash. To access Contacts data specifically, it must include NSContactsUsageDescription.

Additionally, a good source of available permissions for each iOS/macOS version is in the Information Property List Key Reference (search for UsageDescription contained in words).

There is at least one other undocumented permission that requires user consent at runtime:

  • Network Content Filter (no usage description; requires Network Extension entitlement)
like image 109
Max Avatar answered Sep 17 '22 19:09

Max


All the keys you can add to your info.plist file are listed in Apple documentation and described.

For most background modes you need to add a key in Info.plist to indicate that the app wants to run code while in the background.

But this information is not used to ask user permission, only for ensuring device compatibility.

Only some services require user permission (like Geolocation and Notifications services), which are automatically asked to the user the very first time your application attempt to use the corresponding API.

like image 39
BoilingLime Avatar answered Sep 20 '22 19:09

BoilingLime