Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "docs: Added protection level to permissions" into qt-dev

Browse Source 
am: b920689346

Change-Id: I8c683819d96879f94d15224148cdc8f4643c17cc
This commit is contained in:
Kevin Hufnagle
2019-07-22 15:29:26 -07:00
committed by android-build-merger
parent 21083088e9 b920689346
commit d60190de6c
1 changed files with 29 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
core/res/AndroidManifest.xml
View File

@@ -859,7 +859,7 @@
meaning that the whitelist state can be specified only at install time and meaning that the whitelist state can be specified only at install time and
cannot change until the app is installed. For more details see cannot change until the app is installed. For more details see
{@link android.content.pm.PackageInstaller.SessionParams#setWhitelistedRestrictedPermissions(Set)}. {@link android.content.pm.PackageInstaller.SessionParams#setWhitelistedRestrictedPermissions(Set)}.
--> <p>Protection level: dangerous -->
<permission android:name="android.permission.READ_EXTERNAL_STORAGE" <permission android:name="android.permission.READ_EXTERNAL_STORAGE"
android:permissionGroup="android.permission-group.UNDEFINED" android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_sdcardRead" android:label="@string/permlab_sdcardRead"
@@ -880,8 +880,9 @@
read/write files in your application-specific directories returned by read/write files in your application-specific directories returned by
{@link android.content.Context#getExternalFilesDir} and {@link android.content.Context#getExternalFilesDir} and
{@link android.content.Context#getExternalCacheDir}. {@link android.content.Context#getExternalCacheDir}.
<p>Is this permission is not whitelisted for an app that targets an API level before <p>If this permission is not whitelisted for an app that targets an API level before
{@link android.os.Build.VERSION_CODES#Q} this permission cannot be granted to apps.</p> {@link android.os.Build.VERSION_CODES#Q} this permission cannot be granted to apps.</p>
<p>Protection level: dangerous</p>
--> -->
<permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" <permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"
android:permissionGroup="android.permission-group.UNDEFINED" android:permissionGroup="android.permission-group.UNDEFINED"
@@ -891,7 +892,8 @@
android:protectionLevel="dangerous" /> android:protectionLevel="dangerous" />
<!-- Allows an application to access any geographic locations persisted in the <!-- Allows an application to access any geographic locations persisted in the
user's shared collection. --> user's shared collection.
<p>Protection level: dangerous -->
<permission android:name="android.permission.ACCESS_MEDIA_LOCATION" <permission android:name="android.permission.ACCESS_MEDIA_LOCATION"
android:permissionGroup="android.permission-group.UNDEFINED" android:permissionGroup="android.permission-group.UNDEFINED"
android:label="@string/permlab_mediaLocation" android:label="@string/permlab_mediaLocation"
@@ -1711,7 +1713,7 @@
<!-- Allows applications to pair bluetooth devices without user interaction, and to <!-- Allows applications to pair bluetooth devices without user interaction, and to
allow or disallow phonebook access or message access. allow or disallow phonebook access or message access.
This is not available to third party applications. --> <p>Not for use by third-party applications. -->
<permission android:name="android.permission.BLUETOOTH_PRIVILEGED" <permission android:name="android.permission.BLUETOOTH_PRIVILEGED"
android:protectionLevel="signature|privileged" /> android:protectionLevel="signature|privileged" />
@@ -2561,7 +2563,8 @@
android:protectionLevel="signature" /> android:protectionLevel="signature" />
<!-- Allows an application to modify the current configuration, such <!-- Allows an application to modify the current configuration, such
as locale. --> as locale.
<p>Protection level: signature|privileged|development -->
<permission android:name="android.permission.CHANGE_CONFIGURATION" <permission android:name="android.permission.CHANGE_CONFIGURATION"
android:protectionLevel="signature|privileged|development" /> android:protectionLevel="signature|privileged|development" />
@@ -2860,7 +2863,8 @@
<!-- ==================================== --> <!-- ==================================== -->
<eat-comment /> <eat-comment />
<!-- Allows access to the list of accounts in the Accounts Service. --> <!-- Allows access to the list of accounts in the Accounts Service.
<p>Protection level: signature|privileged -->
<permission android:name="android.permission.GET_ACCOUNTS_PRIVILEGED" <permission android:name="android.permission.GET_ACCOUNTS_PRIVILEGED"
android:protectionLevel="signature|privileged" /> android:protectionLevel="signature|privileged" />
@@ -3439,7 +3443,8 @@
android:protectionLevel="signature" /> android:protectionLevel="signature" />
<!-- Old permission for deleting an app's cache files, no longer used, <!-- Old permission for deleting an app's cache files, no longer used,
but signals for us to quietly ignore calls instead of throwing an exception. --> but signals for us to quietly ignore calls instead of throwing an exception.
<p>Protection level: signature|privileged -->
<permission android:name="android.permission.DELETE_CACHE_FILES" <permission android:name="android.permission.DELETE_CACHE_FILES"
android:protectionLevel="signature|privileged" /> android:protectionLevel="signature|privileged" />
@@ -3797,7 +3802,8 @@
<!-- Allows an application to collect component usage <!-- Allows an application to collect component usage
statistics statistics
<p>Declaring the permission implies intention to use the API and the user of the <p>Declaring the permission implies intention to use the API and the user of the
device can grant permission through the Settings application. --> device can grant permission through the Settings application.
<p>Protection level: signature|privileged|development|appop -->
<permission android:name="android.permission.PACKAGE_USAGE_STATS" <permission android:name="android.permission.PACKAGE_USAGE_STATS"
android:protectionLevel="signature|privileged|development|appop" /> android:protectionLevel="signature|privileged|development|appop" />
<uses-permission android:name="android.permission.PACKAGE_USAGE_STATS" /> <uses-permission android:name="android.permission.PACKAGE_USAGE_STATS" />
@@ -3820,14 +3826,14 @@
<!-- Permission an application must hold in order to use <!-- Permission an application must hold in order to use
{@link android.provider.Settings#ACTION_REQUEST_IGNORE_BATTERY_OPTIMIZATIONS}. {@link android.provider.Settings#ACTION_REQUEST_IGNORE_BATTERY_OPTIMIZATIONS}.
This is a normal permission: an app requesting it will always be granted the <p>Protection level: normal -->
permission, without the user needing to approve or see it. -->
<permission android:name="android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS" <permission android:name="android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS"
android:label="@string/permlab_requestIgnoreBatteryOptimizations" android:label="@string/permlab_requestIgnoreBatteryOptimizations"
android:description="@string/permdesc_requestIgnoreBatteryOptimizations" android:description="@string/permdesc_requestIgnoreBatteryOptimizations"
android:protectionLevel="normal" /> android:protectionLevel="normal" />
<!-- Allows an application to collect battery statistics --> <!-- Allows an application to collect battery statistics
<p>Protection level: signature|privileged|development -->
<permission android:name="android.permission.BATTERY_STATS" <permission android:name="android.permission.BATTERY_STATS"
android:protectionLevel="signature|privileged|development" /> android:protectionLevel="signature|privileged|development" />
@@ -3857,7 +3863,8 @@
android:protectionLevel="signature" /> android:protectionLevel="signature" />
<!-- Must be required by a {@link android.widget.RemoteViewsService}, <!-- Must be required by a {@link android.widget.RemoteViewsService},
to ensure that only the system can bind to it. --> to ensure that only the system can bind to it.
<p>Protection level: signature|privileged -->
<permission android:name="android.permission.BIND_REMOTEVIEWS" <permission android:name="android.permission.BIND_REMOTEVIEWS"
android:protectionLevel="signature|privileged" /> android:protectionLevel="signature|privileged" />
@@ -3899,7 +3906,8 @@
to the path in the provider where global search queries are to the path in the provider where global search queries are
performed. This permission can not be held by regular applications; performed. This permission can not be held by regular applications;
it is used by applications to protect themselves from everyone else it is used by applications to protect themselves from everyone else
besides global search. --> besides global search.
<p>Protection level: signature|privileged -->
<permission android:name="android.permission.GLOBAL_SEARCH" <permission android:name="android.permission.GLOBAL_SEARCH"
android:protectionLevel="signature|privileged" /> android:protectionLevel="signature|privileged" />
@@ -4438,7 +4446,8 @@
<permission android:name="android.permission.MODIFY_THEME_OVERLAY" <permission android:name="android.permission.MODIFY_THEME_OVERLAY"
android:protectionLevel="signature" /> android:protectionLevel="signature" />
<!-- Allows an instant app to create foreground services. --> <!-- Allows an instant app to create foreground services.
<p>Protection level: signature|development|instant|appop -->
<permission android:name="android.permission.INSTANT_APP_FOREGROUND_SERVICE" <permission android:name="android.permission.INSTANT_APP_FOREGROUND_SERVICE"
android:protectionLevel="signature|development|instant|appop" /> android:protectionLevel="signature|development|instant|appop" />
@@ -4508,7 +4517,8 @@
<permission android:name="android.permission.MONITOR_DEFAULT_SMS_PACKAGE" <permission android:name="android.permission.MONITOR_DEFAULT_SMS_PACKAGE"
android:protectionLevel="signature|privileged" /> android:protectionLevel="signature|privileged" />
<!-- A subclass of {@link android.service.carrier.CarrierMessagingClientService} must be protected with this permission. --> <!-- A subclass of {@link android.service.carrier.CarrierMessagingClientService} must be protected with this permission.
<p>Protection level: signature -->
<permission android:name="android.permission.BIND_CARRIER_MESSAGING_CLIENT_SERVICE" <permission android:name="android.permission.BIND_CARRIER_MESSAGING_CLIENT_SERVICE"
android:protectionLevel="signature" /> android:protectionLevel="signature" />
@@ -4540,13 +4550,15 @@
<permission android:name="android.permission.GRANT_PROFILE_OWNER_DEVICE_IDS_ACCESS" <permission android:name="android.permission.GRANT_PROFILE_OWNER_DEVICE_IDS_ACCESS"
android:protectionLevel="signature" /> android:protectionLevel="signature" />
<!-- Allows financial apps to read filtered sms messages. --> <!-- Allows financial apps to read filtered sms messages.
Protection level: signature|appop -->
<permission android:name="android.permission.SMS_FINANCIAL_TRANSACTIONS" <permission android:name="android.permission.SMS_FINANCIAL_TRANSACTIONS"
android:protectionLevel="signature|appop" /> android:protectionLevel="signature|appop" />
<!-- Required for apps targeting {@link android.os.Build.VERSION_CODES#Q} that want to use <!-- Required for apps targeting {@link android.os.Build.VERSION_CODES#Q} that want to use
{@link android.app.Notification.Builder#setFullScreenIntent notification full screen {@link android.app.Notification.Builder#setFullScreenIntent notification full screen
intents}. --> intents}.
<p>Protection level: normal -->
<permission android:name="android.permission.USE_FULL_SCREEN_INTENT" <permission android:name="android.permission.USE_FULL_SCREEN_INTENT"
android:protectionLevel="normal" /> android:protectionLevel="normal" />