WELCOME TO EHOST.COM.NP

Monday, August 28, 2017

Google Introduces Runtime-Only Permissions in Android 8.0 for Better Security

           Add Comments   

ads space

One of the best security-oriented changes included in Android 6.0 Marshmallow was runtime permissions. Before the advent of runtime permissions, developers would define permissions in their AndroidManifest file that would be granted automatically upon installation. On Android 6.0 and newer, runtime permissions required the user to explicitly grant or deny a permission through a dialog. From a security standpoint, this ensured that certain sensitive permissions like reading text messages or contacts would need to be brought to the user’s attention before the app could use them.

But there was one major problem: runtime permissions are only enforced for applications targeting Android Marshmallow or newer. So long as the app targets Android Lollipop or older, any runtime permissions would still be automatically granted upon installation. Lots of applications, most notably Snapchat, still do this in order to avoid dealing with runtime permissions. Finally, with Android 8.0 Oreo, Google has introduced a small but very important change to try and fix that in the future.

On April 4th, a commit was made to AOSP that allows permissions to be runtime-only. This change adds a new runtime protection level flag to the Android system that, if set, will only grant certain permissions to apps that target Android Marshmallow or above. Currently the only permission that takes advantage of this new runtime-only flag is ANSWER_PHONE_CALLS, which allows any application with this permission to programmatically answer phone calls on behalf of the answer.

Still, it’s a real security improvement for when more and more permissions are restricted under this flag, then apps won’t be able to sneakily grant themselves sensitive or dangerous permissions unless they start targeting a newer version of Android. This will also push app developers to adopt newer APIs and features on their apps, as targeting a newer Android version will become a requirement to use these new permissions.

ads space

 

ADS SPACE

0 comments:

Post a Comment

Categories

Article How-to All Posts WordPress Android Web design Blogger Plugins CSS Google JQuery Plugins Programming Reviews Web Hosting Blogger Blogging Blogging Tips Tricks Web Development Facebook Git Internet Make Money Online Social Plugins Tips Tips and Tricks Tools Tutorials Windows WordPress Plugins Blogging Tips and Tricks Freebies GSM Google Analytics HTML How To's JavaScript Plugin Development S.E.O SEO SMS SmartPhone Social Media Tips amp; Tricks Top-Most Updates Webmaster Tools Whatsapp Applications Apps Blogger Basics Documentary Downloads Entertainment Gadgets Games Gmail Google AdSense Guest Post IPhone Make Money Blogging SVN Security Softwares Web Hosting Tips and Tricks Wordpress Tips Wordpress Tips and Tricks hostgator iOS Advertising Networks Advertising Technology Affiliates Antivirus Audience amp; Traffic Biography Blog post Blog post Blogger Blogger Errors Blogger Tips Blogger Tools Blogger Widget Blogosphere Bogger Widgets CSS selectors CSS symbols CSS3 Computer amp; Internet Content Writing Coupon Codes Data amp; Analytics Deleted blog Design DoubleClick for Publishers Email and newsletter marketting Email marketing Excel Tips Excel Tips and Tricks Facebook Tricks Feed Feedburner Feedburner subscribers Font Fun GitHub Giveaways Gmail primary inbox Gmail tabs Google sign-in Guides HTML amp; CSS HTML5 Infographics Inspirational Instagram Internet Marketing Internet Tips amp; Tricks Job Listings Knowledge Life Hacks Lists Make-Money Monetization amp; Conversion Monetize Navigation Online Marketing Other PHP Tutorials Passport Publishing amp; Content Quotes RSS Sidebar Smartphones Social Networking Status Tech Tech Blog Technology Telegram Themes UI / UX User Psychology amp; Research VB.Net Web Tools Web browser Widget Windows Tips Windows-10 ad viewability admin notice blogging tools bluehost cherry-pick clone cors custom scrollbar customizer dismissible notices duplicate post feed title git branch git clone gpg gpg2 hybridauth iPad icon font notice responsive wordpress theme same origin policy scrollbar signed git commit smartsvn theme customizer vcs wordpress theme wordpress themes

Blog Archive

Contact Form

Name

Email *

Message *

Copyright © Sync Media