The New Runtime Permission
The Android system now offers user-facing controls over some, but not all, app
permissions. While iOS has had this feature for years, Android is only now
catching up.
Some basic permissions – internet access, for example – are still granted by
default, but generally speaking you will be asked to grant individual app
permissions the first time an app attempts to access them.
Take a look at How to implement Runtime Permissions to know more about how to work with Runtime Permissions.
This means you are in control of whether or not an app has access to something
as critical as your microphone or camera. Some apps might not work properly
with certain permissions disabled, but the onus is on the app developers to
stabilize their apps without all permissions granted, not on you to accept
what you might feel are unnecessary permissions.
Permissions for a particular app can be viewed within the settings menu (which
permissions an app does or doesn't have) or by permission type (so you can see
how many apps have access to your contacts, for example). Viewing by
permission type is slightly hard to get to, but at least that will stop
accidental changes from being made.
System permissions are divided into two categories, normal and dangerous:
- Normal permissions: It does not directly risk the user's privacy. If your app lists a normal permission in its manifest, the system grants the permission automatically.
- Dangerous permissions: It can give the app access to the user's confidential data. If your app lists a normal permission in its manifest, the system grants the permission automatically. If you list a dangerous permission, the user has to explicitly give approval to your app.
Automatically granted permissions
If an app declares in its manifest that it needs a normal permission, the system automatically grants the app that permission at install time. The system does not prompt the user to grant normal permissions, and users cannot revoke these permissions.
As of API level 23, the following permissions are classified as PROTECTION_NORMAL:
- ACCESS_LOCATION_EXTRA_COMMANDS
- ACCESS_NETWORK_STATE
- ACCESS_NOTIFICATION_POLICY
- ACCESS_WIFI_STATE
- BLUETOOTH
- BLUETOOTH_ADMIN
- BROADCAST_STICKY
- CHANGE_NETWORK_STATE
- CHANGE_WIFI_MULTICAST_STATE
- CHANGE_WIFI_STATE
- DISABLE_KEYGUARD
- EXPAND_STATUS_BAR
- GET_PACKAGE_SIZE
- INSTALL_SHORTCUT
- INTERNET
- KILL_BACKGROUND_PROCESSES
- MODIFY_AUDIO_SETTINGS
- NFC
- READ_SYNC_SETTINGS
- READ_SYNC_STATS
- RECEIVE_BOOT_COMPLETED
- REORDER_TASKS
- REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
- REQUEST_INSTALL_PACKAGES
- SET_ALARM
- SET_TIME_ZONE
- SET_WALLPAPER
- SET_WALLPAPER_HINTS
- TRANSMIT_IR
- UNINSTALL_SHORTCUT
- USE_FINGERPRINT
- VIBRATE
- WAKE_LOCK
- WRITE_SYNC_SETTINGS