> > Nonetheless, I am still wondering: Does that mean that an app stored > > as APK in /system/app/ can use any permission which is <= > > "signatureOrSystem"? > > Well, sure, if they request it, just like any other SDK app. I am not quite sure what you mean by "request it". As far as I know, there is no "API request call" or method to grant a certain permission. If by request you mean the requesting done on installation: nope, this does not apply, as apps in /system/app/ are usually preinstalled. Hence, no market app requesting permissions to be granted by the user.
> I have no idea what the <perms> block is. That sounds like a firmware > detail, which is out of scope for this list. Nope, it's not a firmware detail. Every app which is installed via the Market app (e.g., from the Google Play Store) is processed in the three following steps: 1) Download of the APK file 2) Placing of APK file in /data/app/ 3) Insertion of the app's permissions in /data/system/packages.xml inside a <perms>-block The <perms>-block in packages.xml specifies which permissions were granted to an app installed from an app market. However, no <perms>-blocks exist for apps stored in /system/app/, which is exactly what I'm curious about ;) > Only if they ask for them, like any other SDK application. What exactly do you mean by "asking"? AFAIK API calls under protection by certain permissions are controlled automatically and implicitly for "clearance". There is not explicit/expressed request. At least I haven't carried out one in any of my apps programmed thus far, and it worked. Or do you mean by asking the Manifest file? It isn't checked on every app's start up, to my knowledge. That's what the packages.xml file is for. > I haven't checked exhaustively, but it would appear that they are > using the sharedUserID mechanism (even if only one app package is > doing the sharing). I'm going to check into this and report back, thanks. However, every system app sharing the same user ID and thus getting extensive permissions seems a bit... risky. > Permissions defined by system apps (for use by other apps) seem to be > in individual files under /etc/permissions Going to check that out too. -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en