If we can't ensure that an application with WRITE_CONTACTS can't actually use that to extract contact information, it is lame to lie to the user that there is such a guarantee.
As I said, my recommendation would be to use the add contact UI, which requires *no* permissions. On Sun, Aug 22, 2010 at 9:06 AM, Pinheiro <[email protected]> wrote: > > It is very hard to ensure that someone with write access can't also get > data > > back from the provider, so generally no. > > It's a bit lame, imho. According to Google, developers should use the > least permissions possible. But how can we do that if we have to use > READ_CONTACTS to write contacts? Personally, I get suspicious when an > app wants to read my contacts. > > > editor with your data to allow the user to be involved with adding it, > using > > SHOW_OR_ADD_CONTACT: > http://developer.android.com/reference/android/provider/ContactsContr... > > Thanks, that is a good alternative. > > -- > You received this message because you are subscribed to the Google > Groups "Android Developers" group. > To post to this group, send email to [email protected] > To unsubscribe from this group, send email to > [email protected]<android-developers%[email protected]> > For more options, visit this group at > http://groups.google.com/group/android-developers?hl=en > -- Dianne Hackborn Android framework engineer [email protected] Note: please don't send private questions to me, as I don't have time to provide private support, and so won't reply to such e-mails. All such questions should be posted on public forums, where I and others can see and answer them. -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
