Hi,
Looking at the following developer web link that describes the core android permissions, http://developer.android.com/reference/android/Manifest.permission.html <http://developer.android.com/reference/android/Manifest.permission.html > The list encompasses the permissions associated to the android protected API available from the Android frameworks. However, I could not find any information related to the associated protection level. I guess this would be very useful to know for the application developers and get the web link updated. So, digging in the file "Frameworks\base\core\res\AndroidManifest.xml", one could find such data. Most of the permissions are defined as dangerous and few others as normal. The remaining others, related mostly to the system, are based on signature protection. Questions: 1) Because the signature protection levels for the framework are defined in a unique manifest XML file, - does it mean that there is no means to have different permissions protected by different signature keys (but splitting the file and framework API in groups)? 2) The android framework is stored under the file directory \system\framework\ - Is this directory considered as one Android package signed by the current android system unique key? - For permissions protected by signature or signatureOrSystem, what key is used for such protection verification? OEM/system key ? 3) - if the OEMs are modifying few framework permission signature rules ( dangerous => signature... ), how the applications compatibility will be ensured on the Android platform accross various OEM smartphones ? Guillaume
