-
Notifications
You must be signed in to change notification settings - Fork 941
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
remove all permission which are not used #683
Conversation
@larsgrefer and @banjaxbanjo, please move the discussion of SMS detection to #537. My question is, can we really remove the permissions this PR deletes without losing current functionality of our app? - <uses-permission android:name="android.permission.INTERNET"/> If we remove this, will users still be able to use the buttons in the About-Menu? - <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/> If we remove this, will our app still start right after the boot has been completed? - <uses-permission android:name="android.permission.RECEIVE_SMS"/>
- <uses-permission android:name="android.permission.RECEIVE_MMS"/>
- <uses-permission android:name="android.permission.RECEIVE_WAP_PUSH"/> If we remove those, will our app still be able to detect the message we can already detect? - <uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/> If we remove this, is AIMSICD still able to show the alert window when an event happens? - <uses-permission android:name="android.permission.WRITE_SETTINGS"/> If we remove this, is our app still able to store settings from the settings menu? |
Sms detection doesn't require any permissions just root. Will will have to remove the broadcast receiver that gets normal incoming sms if you remove the sms permissions. Thats not a problem because that method never worked and never will work so removing them once broadcast receiver is disabled is ok. |
@banjaxbanjo, would removing these lines work to accomplish this? |
@SecUpwN Yes that should cancel the broadcast receiver for quick fix. Code in receiver can be removed then whenever |
Can you link which files need to be cleaned and what exactly has to be done? I might do that tonight. |
This file @SecUpwN not sure I'd anything is linked to it so should be ok to remove. |
@larsgrefer, can we safely remove SmsReceiver.java? And @banjaxbanjo are you sure we can still detect silent SMS after removing it? After all, the SMS receiver class handles the SMS PDU data, doesn't it? |
@SecUpwN it's 100% safe to remove sec and never did and never will detect anything. All detection is based on logcat. |
remove all permission which are not used
Sec that receiver has nothing to do with sms detection and its to high level code to intercept silent type sms. All detection is logcat based. Basically no broadcast gets sent if silent type sms so this receiver is pointless for now. |
Low level = baseband < best |
accordingly to https://github.com/RomainPiel/AndroidPermissionsUsage
close #636