There is a permission (WRITE_TO_EXTERNAL_STORAGE) to access in write mode to the SD....and an application can access in this way without declaring this permission in its manifest file!I'm pretty sure of that!Cheers
----Messaggio originale---- Da: [email protected] Data: 24-mag-2012 21.37 A: <[email protected]> Ogg: [android-security-discuss] Re: mismatch between manifest permissions and dalvik virtual machine permissions Any application can access the external storage without any permission, the external memory is world readable. May I ask which tool did you use?Thanks Em quinta-feira, 24 de maio de 2012 06h40min33s UTC-3, [email protected] escreveu:Using a tool to make statical analysis of apk, I noticed a strange behaviour. There is often a mismatch between the permission declared in the manifest and the permissions required by application in dalvik virtual machine. So, the application can require, for example, the access to external memory without declaring permission in the manifest. Is it a "normal" behaviour"? I supposed the application can use only the API associated to the permissions declared in the manifest, instead, from real tests, it seems it is false. Thanks in advance, cheers -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To view this discussion on the web visit https://groups.google.com/d/msg/android-security-discuss/-/jzoG3VuVO3YJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en. -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
