According to this page http://code.google.com/android/devel/security.html#permissions : "At application install time, permissions requested by the application are granted to it by the package installer, based on checks with trusted authorities and interaction with the user. No checks with the user are done while an application is running: it either was granted a particular permission when installed, and can use that feature as desired, or the permission was not granted and any attempt to use the feature will fail without prompting the user."
So when you install a malicious software you'll probably be asked like "do you want to install this app as a dialer?" or Android would automatically detect it's bad (how? I wish I knew ;-) ) On 17 Cze, 15:18, Damien <[EMAIL PROTECTED]> wrote: > Yes I believe the permissions for an application will come into play. > > Android apps register for permissions in the manifest and that should > I think, translate to a user query (I seem to recall one of the > android > Q & A seeions going over this same question) when the appliation > executes so for your application to phone Fiji it would need a > permission > (android.permission.CALL_PHONE??) to access DIALER permissions; > however > > the problem would still possibly occur if the application masqueraded > as > a genuine user of DIALER so that the user resonse to > > "Application X needs to be able to dial out - Allow Y/N" (or whatever) > > would be a Yes, because it seems to be a genuine requirement - but if > it > then somehow went on to dial Fiji without the user knowing you would > still get the charge. My understanding is that the permissions are > very > specific so android.permission.CALL_PHONE allows an application to > access the dialer but not necessarily to have a "silent" phone > connection > occurring in the background. > > Here is a link to the permissions > > http://code.google.com/android/reference/android/Manifest.permission.... > > Regards > D > > On Jun 17, 10:47 am, MobileBen <[EMAIL PROTECTED]> wrote: > > > Hello all, > > > I have a question concerning the security of Android. > > > Example: > > I download a very nice program from the web which doesn't cost > > anything and install it on my Android-phone. > > When I start the program, the program calls automatically a number on > > the fiji islands in the backgroud and I don't get to know to it. At > > the end of the month I have a very high phone bill :( > > > Is there any security mechanism to proof that sth. like this happens > > or to make a security on those basic operations like telephone- > > function?????? > > > Thx for any answer! --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] Announcing the new M5 SDK! http://android-developers.blogspot.com/2008/02/android-sdk-m5-rc14-now-available.html For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~----------~----~----~----~------~----~------~--~---
