We need a more fine grained permission system on android

Posted Oct 8, 2010 19:50 UTC (Fri) by foom (subscriber, #14868)
In reply to: We need a more fine grained permission system on android by giraffedata
Parent article: Some Android apps caught covertly sending GPS data to advertisers (ars technica)

If android OS made it a thing the user could deny, then apps would (or at least should) be written to deal cleanly with the inability to get access to your address book, sms messages, network, or whatever privileged operation they wanted to do.

For example, I just saw a game on the Android market which wants access to your SMSes. Allegedly because it now has the ability to be registered via a special SMS from its owner (according to the description). That's clever and all, but I don't really want it reading my SMSes. For all I know, it's actually going to just send them over the network when I run the app...So why can't I just install the app without the "read SMSes" permission? When it goes to try that, it'd get back a permission denied, and could show a dialog saying "sorry, I need to be able to read your SMSes to register via sms, please re-enable that permission in the settings."...

We need a more fine grained permission system on android

Posted Oct 9, 2010 4:19 UTC (Sat) by swetland (guest, #63414) [Link] (1 responses)

For most permissions, if disallowed to an app dynamically, you could fail gracefully such that the app should keep working since the app would have to deal with that case anyway, for example:

"disallow read contacts" could look like "user has no contacts"

"disallow network access" could look like "network is down / sites are unreachable"

"disallow gps access" could look like "device is always in a fixed (user settable) location"

We need a more fine grained permission system on android

Posted Oct 9, 2010 16:52 UTC (Sat) by giraffedata (guest, #1954) [Link]

you could fail gracefully such that the app should keep working since the app would have to deal with that case anyway, for example:
"disallow read contacts" could look like "user has no contacts"
etc.

Taken literally, this is the opposite of failing gracefully, so I would hope the system would not be designed that way. If the application really thinks there are no contacts when in fact there are, that will confuse and irritate the user and frustrate his exploitation of the application.

But I would accept if the application is designed to recognize the specific case of "disallow read contacts" and, other than telling the user plainly that it's acting like there are no contacts because it lacks permissions, it acts as if there are no contacts.