We need a more fine grained permission system on android
We need a more fine grained permission system on android
Posted Oct 8, 2010 15:38 UTC (Fri) by giraffedata (guest, #1954)In reply to: We need a more fine grained permission system on android by fredrik
Parent article: Some Android apps caught covertly sending GPS data to advertisers (ars technica)
I agree with [foom], it ought to be possible for the end user to deny apps access to some information after installation even though the app requested that permission when installed. Let whatever breaks break. I'm sure dalvik could throw a interesting runtime exception or even return dummy data instead.
I don't think that's what foom is talking about, and it isn't a good idea. foom is talking about letting the developer build in the ability to run with and without a certain permissions, and the user has the choice, probably at install time.
But denying a permission to a program that is designed to have it would be bad for users. It would not be obvious to them that the application broke because of that user choice. They would get frustrated, not know how to fix the problem, and erroneously stop using and lose the benefit of the application (and others from the same author).
Posted Oct 8, 2010 19:50 UTC (Fri)
by foom (subscriber, #14868)
[Link] (2 responses)
For example, I just saw a game on the Android market which wants access to your SMSes. Allegedly because it now has the ability to be registered via a special SMS from its owner (according to the description). That's clever and all, but I don't really want it reading my SMSes. For all I know, it's actually going to just send them over the network when I run the app...So why can't I just install the app without the "read SMSes" permission? When it goes to try that, it'd get back a permission denied, and could show a dialog saying "sorry, I need to be able to read your SMSes to register via sms, please re-enable that permission in the settings."...
Posted Oct 9, 2010 4:19 UTC (Sat)
by swetland (guest, #63414)
[Link] (1 responses)
"disallow read contacts" could look like "user has no contacts"
"disallow network access" could look like "network is down / sites are unreachable"
"disallow gps access" could look like "device is always in a fixed (user settable) location"
Posted Oct 9, 2010 16:52 UTC (Sat)
by giraffedata (guest, #1954)
[Link]
"disallow read contacts" could look like "user has no contacts"
etc.
Taken literally, this is the opposite of failing gracefully, so I would hope the system would not be designed that way. If the application really thinks there are no contacts when in fact there are, that will confuse and irritate the user and frustrate his exploitation of the application.
But I would accept if the application is designed to recognize the specific case of "disallow read contacts" and, other than telling the user plainly that it's acting like there are no contacts because it lacks permissions, it acts as if there are no contacts.
We need a more fine grained permission system on android
We need a more fine grained permission system on android
We need a more fine grained permission system on android
you could fail gracefully such that the app should keep working since the app would have to deal with that case anyway, for example: