from Market if it is discovered", but if that need exists, then what
will Google do to reassure users that somebody is watching for such
violations? A Service should not HAVE the ability to share that data
with other Applications unless they too have the same permission. So
this suggests a flaw in the design of Android permissions.
On Aug 29, 12:11 pm, Dianne Hackborn <hack...@android.com> wrote:
> On Sun, Aug 29, 2010 at 5:31 AM, Zsolt Vasvari <zvasv...@gmail.com> wrote:
> > On a somewhat related note, I decided I would try to integrate the
> > Bump functionality into my app -- some users asked for ways to
> > exchange transactions between phones in the family, and this seemed
> > pretty good.
>
> > But then I opened the docs and here is what it says:
>
> > Add
>
> > <uses-permission
> > android:name="android.permission.ACCESS_FINE_LOCATION" />
> > <uses-permission
> > android:name="android.permission.ACCESS_COARSE_LOCATION" />
> > <uses-permission android:name="android.permission.INTERNET" />
> > <uses-permission android:name="android.permission.VIBRATE" />
> > <uses-permission android:name="android.permission.READ_PHONE_STATE" />
>
> > No freaking way I will pollute my permission requirements with that
> > stuff. If I saw a personal finance app ask for those permissions,
> > I'd hit cancel so fast, it wouldn't know what happened.
>
> > I don't know what the solution is, but this is just wrong.
>
> This is a flaw in their design (and in the design of current ad servers as
> well). By having you link their code into your app, you are required to
> take responsibility for their permissions. Yet it is their code, you don't
> have control over it, so why should you?
>
> A solution is for the other party's code to be in its own .apk, which your
> app uses if it is there. (And you can prompt the user, sending them to
> market, to make this functionality available.) This way the permissions are
> clearly separated between apps, and the user can associate them with the
> responsible parties and decide who they want to trust.
>
> That said, there is an implicit responsibility of the app delivering
> functionality to other apps this way to not leak the permissions it is
> using. (As there is for every app.) An extreme example would be an app
> that uses permission for GPS, and a service that lets others get the current
> location. That kind of thing is a security hole, and should be taken down
> from Market if it is discovered.
>
> --
> Dianne Hackborn
> Android framework engineer
> hack...@android.com
>
> Note: please don't send private questions to me, as I don't have time to
> provide private support, and so won't reply to such e-mails. All such
> questions should be posted on public forums, where I and others can see and
> answer them.
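
The "extreme example" in the quoted message, a GPS-holding app whose service hands the location to any caller, is a permission re-delegation leak. As an added example (not code from the thread or from any participant), here is one way such a service can refuse callers that do not hold the permission themselves; the class name `LocationShareService` and the transaction code are hypothetical.

```java
// Added example (hypothetical service). Declarative form in AndroidManifest.xml,
// enforced by the system before a client can bind:
//   <service android:name=".LocationShareService"
//            android:exported="true"
//            android:permission="android.permission.ACCESS_FINE_LOCATION" />
import android.Manifest;
import android.app.Service;
import android.content.Context;
import android.content.Intent;
import android.content.pm.PackageManager;
import android.location.Location;
import android.location.LocationManager;
import android.os.Binder;
import android.os.IBinder;
import android.os.Parcel;
import android.os.RemoteException;

public class LocationShareService extends Service {
    // Hypothetical transaction code for "return the last known fix".
    static final int GET_LAST_LOCATION = IBinder.FIRST_CALL_TRANSACTION;

    private final Binder binder = new Binder() {
        @Override
        protected boolean onTransact(int code, Parcel data, Parcel reply, int flags) throws RemoteException {
            if (code != GET_LAST_LOCATION) {
                return super.onTransact(code, data, reply, flags);
            }
            if (reply == null) return true;  // one-way call: nothing to answer
            // Per-call check against the Binder caller's identity, so the
            // service never answers on behalf of an app that lacks the permission.
            if (checkCallingOrSelfPermission(Manifest.permission.ACCESS_FINE_LOCATION)
                    != PackageManager.PERMISSION_GRANTED) {
                reply.writeException(new SecurityException(
                        "caller does not hold ACCESS_FINE_LOCATION"));
                return true;
            }
            LocationManager lm = (LocationManager) getSystemService(Context.LOCATION_SERVICE);
            Location fix = lm.getLastKnownLocation(LocationManager.GPS_PROVIDER);
            reply.writeNoException();
            reply.writeInt(fix != null ? 1 : 0);  // presence flag; fix may be null
            if (fix != null) fix.writeToParcel(reply, 0);
            return true;
        }
    };

    @Override
    public IBinder onBind(Intent intent) {
        return binder;
    }
}
```

The manifest attribute gates binding as a whole, while the in-code check gates each call, which matters when one service exposes both sensitive and harmless operations.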