idea: more fine-grained permissions, improved app-ops style

[xbtc-im]

could a "runt at startup" permission be added, app-ops style ? it could be useful, resource and bandwidth wise, for some ...

[thestinger]

No, exposing this wouldn't accomplish anything. Apps can register persistent jobs, etc.

There are already strict background execution restrictions for apps targeting API 26+ and it can be individually toggled on for apps targeting lower API levels.

[thestinger]

No, exposing this wouldn't accomplish anything. Apps can register persistent jobs, etc.

There are already strict background execution restrictions for apps targeting API 26+ and it can be individually toggled on for apps targeting lower API levels.

[xbtc-im]

I mean persistent jobs too. I know about strict background execution restrictions, what i am suggesting is that an application never runs until the user opens it, and when the user closes that app, it should just terminate

[xbtc-im]

I mean persistent jobs too. I know about strict background execution restrictions, what i am suggesting is that an application never runs until the user opens it, and when the user closes that app, it should just terminate

[thestinger]

That isn't what you said in the issue you filed.

If you want that feature implemented, you could start by making a proof of concept to demonstrate how it would work.

[thestinger]

That isn't what you said in the issue you filed.

If you want that feature implemented, you could start by making a proof of concept to demonstrate how it would work.

[xbtc-im]

Nobody can "want" or "demand" a feature on an open source / almost free project. What i am suggesting is a more fine grained user control, especially on "All permissions" . Some apps have a laundry list of permissions, that most of the time simply do not need to run as intended. The "run at startup" is just one of them.
corrected the title

[xbtc-im]

Nobody can "want" or "demand" a feature on an open source / almost free project. What i am suggesting is a more fine grained user control, especially on "All permissions" . Some apps have a laundry list of permissions, that most of the time simply do not need to run as intended. The "run at startup" is just one of them.
corrected the title

[thestinger]

There are already permission toggles and they use appops for apps targeting an API level before 23. You need to be specific about what you want. We aren't interested in working on exposing a bunch of toggles simply to have more stuff. There has to be a reason to do it.

[thestinger]

There are already permission toggles and they use appops for apps targeting an API level before 23. You need to be specific about what you want. We aren't interested in working on exposing a bunch of toggles simply to have more stuff. There has to be a reason to do it.

[xbtc-im]

actual requested permissions:

aapt dump badging ivms.apk | grep permission
uses-permission: name='android.permission.FLASHLIGHT'
uses-permission: name='android.permission.HARDWARE_TEST'
uses-permission: name='android.permission.DISABLE_KEYGUARD'
uses-permission: name='android.permission.KILL_BACKGROUND_PROCESSES'
uses-permission: name='android.permission.WRITE_EXTERNAL_STORAGE'
uses-permission: name='android.permission.MOUNT_UNMOUNT_FILESYSTEMS'
uses-permission: name='android.permission.READ_EXTERNAL_STORAGE'
uses-permission: name='android.permission.VIBRATE'
uses-permission: name='android.permission.INTERNET'
uses-permission: name='android.permission.ACCESS_NETWORK_STATE'
uses-permission: name='android.permission.ACCESS_WIFI_STATE'
uses-permission: name='android.permission.WAKE_LOCK'
uses-permission: name='android.permission.GET_TASKS'
uses-permission: name='android.permission.RECORD_AUDIO'
uses-permission: name='com.google.android.providers.gsf.permission.READ_GSERVICES'
uses-permission: name='android.permission.READ_PHONE_STATE'
uses-permission: name='android.permission.CAMERA'
uses-permission: name='android.permission.CHANGE_WIFI_STATE'
uses-permission: name='android.permission.GET_ACCOUNTS'
uses-permission: name='com.mcu.iVMSHD.permission.C2D_MESSAGE'
uses-permission: name='com.google.android.c2dm.permission.RECEIVE'
uses-permission: name='com.mcu.iVMSHD.push.sdk.permission.EZVIZ_MESSAGE'
uses-permission: name='android.permission.CHANGE_NETWORK_STATE'
uses-permission: name='android.permission.RECEIVE_BOOT_COMPLETED'
uses-implied-feature: name='android.hardware.camera' reason='requested android.permission.CAMERA permission'
uses-implied-feature: name='android.hardware.microphone' reason='requested android.permission.RECORD_AUDIO permission'
uses-implied-feature: name='android.hardware.wifi' reason='requested android.permission.ACCESS_WIFI_STATE permission, and requested android.permission.CHANGE_WIFI_STATE permission'

visible permissions:
Camera Contacts Microphone Network (on Copperhead) Phone Sensors Storage.

Most users maybe have no idea on those permissions, however, on an OS centered on security/privacy, my opinion is that all permissions should be user selectable. Does this count as a reason ?

[xbtc-im]

actual requested permissions:

aapt dump badging ivms.apk | grep permission
uses-permission: name='android.permission.FLASHLIGHT'
uses-permission: name='android.permission.HARDWARE_TEST'
uses-permission: name='android.permission.DISABLE_KEYGUARD'
uses-permission: name='android.permission.KILL_BACKGROUND_PROCESSES'
uses-permission: name='android.permission.WRITE_EXTERNAL_STORAGE'
uses-permission: name='android.permission.MOUNT_UNMOUNT_FILESYSTEMS'
uses-permission: name='android.permission.READ_EXTERNAL_STORAGE'
uses-permission: name='android.permission.VIBRATE'
uses-permission: name='android.permission.INTERNET'
uses-permission: name='android.permission.ACCESS_NETWORK_STATE'
uses-permission: name='android.permission.ACCESS_WIFI_STATE'
uses-permission: name='android.permission.WAKE_LOCK'
uses-permission: name='android.permission.GET_TASKS'
uses-permission: name='android.permission.RECORD_AUDIO'
uses-permission: name='com.google.android.providers.gsf.permission.READ_GSERVICES'
uses-permission: name='android.permission.READ_PHONE_STATE'
uses-permission: name='android.permission.CAMERA'
uses-permission: name='android.permission.CHANGE_WIFI_STATE'
uses-permission: name='android.permission.GET_ACCOUNTS'
uses-permission: name='com.mcu.iVMSHD.permission.C2D_MESSAGE'
uses-permission: name='com.google.android.c2dm.permission.RECEIVE'
uses-permission: name='com.mcu.iVMSHD.push.sdk.permission.EZVIZ_MESSAGE'
uses-permission: name='android.permission.CHANGE_NETWORK_STATE'
uses-permission: name='android.permission.RECEIVE_BOOT_COMPLETED'
uses-implied-feature: name='android.hardware.camera' reason='requested android.permission.CAMERA permission'
uses-implied-feature: name='android.hardware.microphone' reason='requested android.permission.RECORD_AUDIO permission'
uses-implied-feature: name='android.hardware.wifi' reason='requested android.permission.ACCESS_WIFI_STATE permission, and requested android.permission.CHANGE_WIFI_STATE permission'

visible permissions:
Camera Contacts Microphone Network (on Copperhead) Phone Sensors Storage.

Most users maybe have no idea on those permissions, however, on an OS centered on security/privacy, my opinion is that all permissions should be user selectable. Does this count as a reason ?

[thestinger]

You're comparing raw low-level install permissions used by developers to toggles for permission groups aimed at users. That's not something directly comparable.

Camera Contacts Microphone Network (on Copperhead) Phone Sensors Storage.

The Network and Sensors toggles are both specific to CopperheadOS.

[thestinger]

You're comparing raw low-level install permissions used by developers to toggles for permission groups aimed at users. That's not something directly comparable.

Camera Contacts Microphone Network (on Copperhead) Phone Sensors Storage.

The Network and Sensors toggles are both specific to CopperheadOS.

[xbtc-im]

Couldn't those raw level permissions be user selectable ?

[xbtc-im]

Couldn't those raw level permissions be user selectable ?

[thestinger]

No, that's not how the permission group toggles work.

[thestinger]

No, that's not how the permission group toggles work.

[xbtc-im]

the app i talked about before, is a security cam viewer app, at every startup and when the screen is on, it tries to connect to an outside server. the vpn blocks it, but however it should only run when i want to see my cameras. it shouldn't even run if i don't need it. or google doesn't allow permissions to be so selectable ?

[xbtc-im]

the app i talked about before, is a security cam viewer app, at every startup and when the screen is on, it tries to connect to an outside server. the vpn blocks it, but however it should only run when i want to see my cameras. it shouldn't even run if i don't need it. or google doesn't allow permissions to be so selectable ?

[thestinger]

or google doesn't allow permissions to be so selectable ?

It's not about what Google does or doesn't allow. Permissions don't work the way you think. You're getting bogged down in assumptions about implementation details.

[thestinger]

or google doesn't allow permissions to be so selectable ?

It's not about what Google does or doesn't allow. Permissions don't work the way you think. You're getting bogged down in assumptions about implementation details.

[xbtc-im]

Maybe i am, i'm not a developer. But some permissions should be more user-configurable.

[xbtc-im]

Maybe i am, i'm not a developer. But some permissions should be more user-configurable.

[thestinger]

the app i talked about before, is a security cam viewer app, at every startup and when the screen is on, it tries to connect to an outside server. the vpn blocks it, but however it should only run when i want to see my cameras. it shouldn't even run if i don't need it.

Apps don't need any permissions to run in the background. The app being treated as not having RECEIVE_BOOT_COMPLETED wouldn't accomplish what you want.

[thestinger]

the app i talked about before, is a security cam viewer app, at every startup and when the screen is on, it tries to connect to an outside server. the vpn blocks it, but however it should only run when i want to see my cameras. it shouldn't even run if i don't need it.

Apps don't need any permissions to run in the background. The app being treated as not having RECEIVE_BOOT_COMPLETED wouldn't accomplish what you want.

[thestinger]

Maybe i am, i'm not a developer. But some permissions should be more user-configurable.

It certainly doesn't make sense to simply expose the remaining permissions as toggles. That's not how designing features and user interfaces works, and we're also not going to do a bunch of pointless work on useless toggles.

[thestinger]

Maybe i am, i'm not a developer. But some permissions should be more user-configurable.

It certainly doesn't make sense to simply expose the remaining permissions as toggles. That's not how designing features and user interfaces works, and we're also not going to do a bunch of pointless work on useless toggles.

[xbtc-im]

:) my point exactly. they should be allowed to run in background
or disallowed for that matter

[xbtc-im]

:) my point exactly. they should be allowed to run in background
or disallowed for that matter

[thestinger]

The appops RUN_IN_BACKGROUND doesn't actually do that, which is exactly why it makes no sense to directly expose low-level implementation details to users. It would just confuse and mislead people along with being a complex maintenance burden.

[thestinger]

The appops RUN_IN_BACKGROUND doesn't actually do that, which is exactly why it makes no sense to directly expose low-level implementation details to users. It would just confuse and mislead people along with being a complex maintenance burden.

[xbtc-im]

Understwood

[xbtc-im]

Understwood

[thestinger]

These have been filed for a while, and as you can see no progress has been made:

• #636
• #637
• #638

Feature requests don't accomplish anything without someone to work on them.

It may be possible to simply close this one based on research determining that it's already prevented: #635.

[thestinger]

These have been filed for a while, and as you can see no progress has been made:

• #636
• #637
• #638

Feature requests don't accomplish anything without someone to work on them.

It may be possible to simply close this one based on research determining that it's already prevented: #635.

[thestinger]

I don't think we need more open issues about permissions in the background or the ability to run in the background until the existing tasks are finished. It's something we're conscious of as you can see from the background clipboard access toggle and those issues. Ideas are worthless without putting in the work though, and we don't have the resources to get everything on the tracker implemented.

[thestinger]

I don't think we need more open issues about permissions in the background or the ability to run in the background until the existing tasks are finished. It's something we're conscious of as you can see from the background clipboard access toggle and those issues. Ideas are worthless without putting in the work though, and we don't have the resources to get everything on the tracker implemented.