Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ACCESS_ALL_DOWNLOADS
- access all system downloads Network Allows an app to access all downloads in the system via the /all_downloads/ URIs. The protection level could be relaxed in the future to support third-party download managers.
- ACCESS_ALL_EXTERNAL_STORAGE
- access external storage of all users Development Tools Allows the app to access external storage for all users.
- ACCESS_CHECKIN_PROPERTIES
- Access check-in properties Location Allows read/write access to the "properties" table in the (Unix security) checkin database, to change values that get uploaded.
- ACCESS_COARSE_LOCATION
- Approximate location (network-based) Location Allows an app to access approximate location derived from network location sources such as cell towers and Wi-Fi.
- This permission is usually used by applications that display location based ads by publishers like Admob (Google).
- ACCESS_DOWNLOAD_MANAGER
- Access download manager.Network Allows the app to access the download manager and to use it to download files. Malicious apps can use this to disrupt downloads and access private information.
- Only accessible by system apps
- ACCESS_DOWNLOAD_MANAGER_ADVANCED
- Advanced download manager functions.Network Allows the app to access the download manager's advanced functions. Malicious apps can use this to disrupt downloads and access private information.
- ACCESS_DRM
- Access DRM content Allows application to access DRM-protected content.
- ACCESS_FINE_LOCATION
- Precise location (GPS and network-based) Location Allows an app to access precise location from location sources such as GPS, cell towers, and Wi-Fi.
- This permission can be used by applications that display location based ads by publishers like Admob (Google). It is also used by applications that want your exact location. Examples would be Navigation applications, "Check-In" apps like 4square.
- ACCESS_LOCATION_EXTRA_COMMANDS
- Access extra location provider commands Location good example for poor documentation, as even books on Android application development state: The Android documentation doesn’t tell us which location commands are “extra,” so we’ll ask for all of them.
- The documentation of Locus Map gives a hint, though: allows disabling the A-GPS data status and forcing system to load new.
- ACCESS_MOCK_LOCATION
- mock location sources for testing Location Allows an application to create mock location providers for testing, and is intended for development use in e.g. the Android Emulator (to save the dev from having to run around to check if positions are displayed correctly). Cases where this is needed in an app ready for endusers should be rare.
- Requires "Allow mock locations" to be enabled in developer options
- ACCESS_NETWORK_STATE
- View network connections Network Allows applications to access information about networks, including if a network is available (or just connecting), what type of network the device is connected to, if any (WiFi, 3G, LTE), if it's in Roaming, and also reasons for a failed connection attempt (if any).
- Good use: The application may check the state of your connection before trying to access the internet, and e.g. restrict itself to WiFi for some actions.
- Bad use: Only in combination with other permissions (e.g. data collection for profiling).
- ACCESS_NOTIFICATION_POLICY
- Marker permission for applications that wish to access notification policy.Enables an app to toggle your notification policy, e.g. Do Not Disturb. Runtime Permission; i.e. user must at least confirm this once.
- ACCESS_NOTIFICATIONS
- Access notifications System Tools Allows the app to retrieve, examine, and clear notifications, including those posted by other apps.
- This permission is reserved for system apps. It was introduced with Android 4.3 as part of the new Notification Service.
- ACCESS_SUPERUSER
- Use root privileges System Tools An app with this permission obviously wants to use "root powers". This permission requested or not, no app automatically gets granted those "root powers"; but some "SuperUser apps" can be configured to ignore requests by all apps not having it. For all (other) apps, the user has to acknowledge their legitimity at least on the first request. Thus an app with this permission does not automatically have root permission – but only obtains them when the user explicitely approves that to the "SuperUser app".
- Warning: an app with root-powers can do pretty much anything to your system. So better be sure you trust its developer (and your installation source) that far.
- ACCESS_SURFACE_FLINGER
- Access SurfaceFlinger System Tools Allows an application to use SurfaceFlinger's low level features.
- SurfaceFlinger is part of Android's media framework. It provides a compositor which takes care for rendering in frame buffers (so this has to do with graphics).
- ACCESS_WEATHERCLOCK_PROVIDER
- Access Huawei WeatherClock data This permission allows accessing data of the Huawei Content Provider for WeatherClock. For details, please see Android.SE.
- ACCESS_WIFI_STATE
- View Wi-Fi connections Network This could be requested by any application that uses internet access. The application may check the state of your connection before trying to access the internet.
- It's comparable to ACCESS_NETWORK_STATE, just for WiFi.
- ACCESS_WIMAX_STATE
- View WIMAX connections Network Allows the app to determine whether WiMAX is enabled and information about any WiMAX networks that are connected.
- ACCOUNT_MANAGER Act as the AccountManagerService Accounts Allows applications to call into AccountAuthenticators. Only the system can get this permission.
- An account-manager is the service working behind the scenes and taking care everything works as expected.
- This permission is reserved for system apps.
- For details, take a look at the Stack Exchange article What does permission “MANAGE_ACCOUNTS” mean?
- ACTIVITY_RECOGNITION
- Activity recognition Personal Information Allows an app to receive periodic updates of your activity level from Google,for example, if you are walking, driving, cycling, or stationary. This is part of Google Play Services ActivityRecognitionClient.
- According to the API reference, the app doesn't receive any coordinates this way, but rather the type of the detected activity – e.g. WALKING, RUNNING, or STILL.
- ADD_VOICEMAIL
- Add Voicemail Voice Mailbox Allows the app to add messages to your voicemail inbox.
- adm.permission.RECEIVE
- Receive Amazon Device Messaging notifications Network Allows apps to accept cloud to device messages sent by the app's service (Amazon Device Messaging – like GoogleCloudMessaging). Using this service will incur data usage.
- ANT Connect to ANT sensors
- Network Allow to connect to ANT and ANT+ sensors. For what ANT is about, see Wikipedia and the ANT Android page.
- ANT_ADMIN
- Manage ANT connections Network Allow to manage connections to ANT and ANT+ sensors. For what ANT is about, see Wikipedia and the ANT Android page.
- AUTHENTICATE_ACCOUNTS
- Create accounts and set passwords Accounts Allows an application to act as an AccountAuthenticator for the AccountManager. This is for applications that would authenticate you to their service.
- An app using this permission usually provides an interface to deal with a certain account type (which is not known by the pre-installed Android system), such as Dropbox. As shipped, Android does not know how to login to Dropbox and how to deal with a Dropbox account – so the Dropbox app provides the mechanism. Additionally, an "account authenticator" might restrict the actions an app can perform with the account (so it would e.g. be possible to administrate this via some web interface offered by the service). More details can be found e.g. in this Stack Exchange post.
- BACKUP Control system backup and restore
- Permits an app to manage backups of another app. This e.g. includes to tell the BackupManager that: data of that app have changed (dataChanged()), all backups of that app should be deleted (clearBackupData()), or backups for that app should be (de)activated.
- BACKUP_DATA
- Participate in the system backup and restore Allows the application to participate in the system's backup and restore mechanism.
- Packages that do not use android.
- permission.BACKUP_DATA
- will neither be backed up nor restored. This seems to be an old (and possibly deprecated?) permission, as a commit message of August 2009 describes: In the future if access to the backup/restore infrastructure is made available to arbitrary 3rd party applications, the permission checks (and indeed, the permission itself) can simply be removed, and another one of February 2010 confirms: Any package can now participate in backup/restore, without requiring any manifest-declared permission.
- badge.permission.READ
- Read notification badges com.sec.android.provider.badge.* refer to the so called "Badge Provider", which is responsible for drawing numbers on your homescreen/lockscreen icons for e.g. missed calls or pending messages. Not clear to me is why an app must read these numbers; couldn't it simply tell the service to add/remove a given number to/from icon X?
- For some details, please take a look at this Stack Exchange article.
- Might be a permission specific to Samsung Touchwiz (with "sec" referring to the "seclauncher"); not sure whether other devices are affected by it.
- badge.permission.WRITE Write notification badges no 0 0 Enables an app to paint numbers on icons, using the "Badge Service" described with badge.permission.READ.
- BATTERY_STATS
- Read battery statistics System Tools Allows an application to collect battery statistics. Battery widgets and other battery information tools use this permission.
- BIND_ACCESSIBILITY_SERVICE
- Bind to an Accessibility Service Accessibility Allows the holder to bind to the top-level interface of an accessibility service. Must be required by an AccessibilityService, to ensure that only the system can bind to it.
- BIND_APPWIDGET
- Choose Widgets Personal Information Allows an application to tell the AppWidget service which application can access AppWidget's data. The normal user flow is that a user picks an AppWidget to go into a particular host, thereby giving that host application access to the private data from the AppWidget app. An application that has this permission should honor that contract. Very few applications should need to use this permission.
- BIND_DEVICE_ADMIN
- Interact with device admin System Tools Allows the holder to send intents to a device administrator. Must be required by device administration receiver, to ensure that only the system can interact with it.
- BIND_INPUT_METHOD
- Bind to an Input Method System Tools Allows the holder to bind to the top-level interface of an input method. Must be required by an InputMethodService, to ensure that only the system can bind to it.
- BIND_JOB_SERVICE
- run the application's scheduled background work System Tools This permission gives access to the JobService and allows the Android system to run the application in the background when requested.
- BIND_NFC_SERVICE
- Bind NFC Service System Tools Must be required by a hostApduService or OffHostApduService to ensure that only the system can bind to it.
- BIND_NOTIFICATION_LISTENER_SERVICE Bind Notification Listener Service System Tools Must be required by an NotificationListenerService, to ensure that only the system can bind to it.
- BIND_PRINT_SERVICE
- Bind Print Service System Tools Must be required by a PrintService, to ensure that only the system can bind to it.
- BIND_REMOTEVIEWS
- Bind to a widget service System Tools Allows the holder to bind to the top-level interface of a widget service. Must be required by a RemoteViewsService, to ensure that only the system can bind to it.
- BIND_TEXT_SERVICE Bind to a Text Service System Tools Allows the holder to bind to the top-level interface of a text service (e.g. SpellCheckerService). Must be required by a TextService to ensure that only the system can bind to it.
- BIND_VPN_SERVICE
- Bind to a VPN service System Tools Allows the holder to bind to the top-level interface of a Vpn service. Must be required by a VpnService, to ensure that only the system can bind to it.
- BIND_WALLPAPER
- Bind to wallpaper System Tools Allows the holder to bind to the top-level interface of wallpaper. Must be required by a WallpaperService, to ensure that only the system can bind to it.
- BLUETOOTH
- Pair with Bluetooth devices Bluetooth Allows applications to connect to paired bluetooth devices.
- Typical applications that would need bluetooth access include: sharing applications, file transfer apps, apps that connect to headset or wireless speakers.
- BLUETOOTH_ADMIN
- Access Bluetooth settings Bluetooth Allows applications to discover and pair bluetooth devices.
- BLUETOOTH_PRIVILEGED
- Bluetooth Privileged Bluetooth Allows applications to pair bluetooth devices without user interaction. This is not available to third party applications.
- BODY_SENSORS
- body sensors (like heart rate monitors) Personal Information Allows the app to access data from sensors you use to measure what's happening inside your body, such as heart rate.
- BRICK (HAHAHA WOW MAY LIBRENG 500 TB TO)
- Permanently disable phone System Tools si 0 5 Required to be able to disable the device (very dangerous!). Not available to 3rd party apps – and seemingly even not used anywhere, see Why do some apps request too many permissions?.
- BROADCAST_DATA_MESSAGE
- Broadcast data messages to apps Network Can broadcast data messages received from the Internet to apps registered to listen for them. Reserved to system apps.
- BROADCAST_PACKAGE_ADDED
- Send Package Added Broadcast System Tools Allows an application to broadcast a notification that an application package has been added.
- BROADCAST_PACKAGE_REMOVED
- Send package removed broadcast System Tools Allows an application to broadcast a notification that an application package has been removed.
- BROADCAST_SMS
- Send SMS-received broadcast Messages Allows an application to broadcast an SMS receipt notification.
- BROADCAST_STICKY
- Send Sticky Broadcasts System Tools Allows an application to broadcast sticky intents. These are broadcasts whose data is held by the system after being finished, so that clients can quickly retrieve that data without having to wait for the next broadcast.
- The permission has to do with how applications "talk" to each other using a communication method called Intents. While this permission is highly technical it is a relatively low importance. There are no know obvious malicious uses for this permission.
- BROADCAST_WAP_PUSH
- Send WAP-PUSH-received broadcast Messages Allows an application to broadcast a WAP PUSH receipt notification.
- Not for use by third-party applications.
- c2dm.permission.RECEIVE
- Receive data from Internet network Allows apps to accept cloud to device messages sent by the app's service (GoogleCloudMessaging). Using this service will incur data usage. Malicious apps could cause excess data usage.
- c2dm.permission.SEND
- Send data to Internet network Allows apps to send cloud to device messages (GoogleCloudMessaging). Using this service will incur data usage.
- CALL_PHONE
- Directly call phone numbers Phone Calls Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call being placed.
- This permission is of high importance. This could let an application call a 1-900 number and charge you money. However, this is not as common a way to cheat people in today's world as it used to be. Legitimate applications that use this include: Google Voice and Google Maps.
- Another important point to note here is that any app can launch the phone screen and pre-fill a number for you. However, in order to make the call, you would need to press "Send" or "Call" yourself. The difference with this permission is that an app could make the entire process automatic and hidden.
- CALL_PRIVILEGED
- Directly call any phone numbers Phone Calls Allows an application to call any phone number, including emergency numbers, without going through the Dialer user interface for the user to confirm the call being placed. For technical details, see CALL_PHONE.
- CAMERA
- Take pictures and videos Camera Required to be able to access the camera device.
- CAPTURE_AUDIO_OUTPUT
- Capture audio output Allows an application to capture audio output. Not for use by third-party applications.
- Requested e.g. by Google Play Services.
- CAPTURE_SECURE_VIDEO_OUTPUT
- Capture Secure Video Output Allows an application to capture secure video output. Not for use by third-party applications.
- Requested e.g. by Google Play Services.
- CAPTURE_VIDEO_OUTPUt
- Capture Video Output Allows an application to capture video output. Not for use by third-party applications.
- Requested e.g. by Google Play Services
- CHANGE_BACKGROUND_DATA_SETTING
- Change background data usage setting Network Allows the app to change the background data usage setting.
- CHANGE_COMPONENT_ENABLED_STATE
- Enable or disable app components System Tools Allows an app to change whether an application component (other than its own) is enabled or not.
- Malicious apps may use this to disable important device capabilities. Care must be used with this permission, as it is possible to get app components into an unusable, inconsistent, or unstable state
- CHANGE_CONFIGURATION
- Change system display settings Development Tools Allows an application to modify the current configuration, such as locale.
- CHANGE_NETWORK_STATE
- Change network connectivity Network Allows applications to change network connectivity state.
- Good Cop: Enable network connection only when needed, according to the requirements of the user.
- Bad Cop: Cause extra costs (especially when in roaming) just for mischievous glee; secretly transfer data (in conjunction with INTERNET)
- CHANGE_WIFI_MULTICAST_STATE
- Allow Wi-Fi Multicast reception Effects on Battery Life Allows applications to enter Wi-Fi Multicast mode. This allows to send data packages to multiple recipients simultaneously, without using additional bandwidth. Useful e.g. for streaming servers supporting multiple clients. It also enables to receive network packages not intended for the own device (sniffing).
- Uses more power than non-multicast-mode.
- CHANGE_WIFI_STATE
- Connect and disconnect from Wi-Fi network Allows applications to change Wi-Fi connectivity state. Think of it as CHANGE_NETWORK_STATE for WiFi.
- CHANGE_WIMAX_STATE
- Change WiMAX state Network Allows the app to connect the device to and disconnect the device from WiMAX networks.
- CHANGE_NETWORK_STATE for WIMAX. Also can apply changes to configured WIMAX networks.
- CLEAR_APP_CACHE
- Delete all app cache data System Tools Allows an application to clear the caches of all installed applications on the device.
- CLEAR_APP_USER_DATA
- Delete other apps data System Tools Allows an application to clear user data.
- COLLECT_METRICS
- Collect customer metrics Permits an app to collect customer metrics for Amazon, on how an app is used. This permission is bound to the Amazon Metrics Service Application (com.amazon.client.metrics) and thus only granted with that app installed.
- CONFIGURE_SIP
- Full access to SIP Accounts/Calls/Messages Phone Calls Configure SIP accounts and settings, access to SIP contents (call logs, messages...), extends and hook SIP flow.
- A malicious app with this permission can cause additional costs by e.g. configuring a costly SIP service.
- CONNECTIVITY_INTERNAL
- Use privileged ConnectivityManager API Network Allows an internal user to use priviledged ConnectivityManager APIs.
- CONTROL_LOCATION_UPDATES
- Control Location Updates Location Allows enabling/disabling location update notifications from the radio. Not for use by normal applications.dashclock.permission.
- READ_EXTENSION_DATA
- request DashClock extension data Allows requesting DashClock extension data.
- DELETE_CACHE_FILES
- Delete other apps cache System Tools Allows an application to delete cache files. Not for use by third-party applications.
- DELETE_PACKAGES
- Delete apps System Tools Allows an application to delete packages. Not for use by third-party applications.
- DEVICE_POWER
- Device Power Management System Tools Allows low-level access to power management. Not for use by third-party applications.
- DIAGNOSTIC
- Read/write to resources owned by diag System Tools Allows the app to read and write to any resource owned by the diag group; for example, files in /dev.
- This could potentially affect system stability and security. This should be ONLY be used for hardware-specific diagnostics by the manufacturer or operator. It's not intended for use by third-party applications.
- DISABLE_KEYGUARD
- Disable your screen lock Screenlock Allows applications to disable the keyguard.
- This permission is of medium-high importance. It allows an app to disable the "lock screen" that most phones go into after going to sleep and been turned on again. This lockscreen can sometimes be a password screen, or a PIN screen, or just a "slide to unlock" screen.
- DOWNLOAD_WITHOUT_NOTIFICATION
- Download files without notification Network no 0 Allows to queue downloads without a notification shown while the download runs.
- Good Cop: A PodCast player could use this to preload content without "spamming" the notification area.
- Bad Cop: Download malware modules in background without the user´s notice.
- DUMP
- Retrieve system internal state Development Tools Allows an application to retrieve state dump information from system services. Not for use by third-party applications.
- The information accessible with this permission is most likely comparable of that retrieved by the dumpsys command-line tool. Evil apps could theoretically use this to access private and protected data.
- email.ACCESS_PROVIDER
- Access email provider data Messages Allows this application to access your email database, including received messages, sent messages, usernames and passwords. Not available to third-party apps.
- EXPAND_STATUS_BAR Expand/collapse status bar Status bar Allows an application to expand or collapse the status bar.
- This appears to be a system permission – not for use by regular applications.
- FACTORY_TEST
- Factory Test System Tools Run as a manufacturer test application, running as the root user. Only available when the device is running in manufacturer test mode.
- FLASHLIGHT
- Control flashlightEffects on Battery Life Allows access to the flashlight.
- FORCE_BACK
- Force app to close System Tools Allows the app to force any activity that is in the foreground to close and go back.
- FORCE_STOP_PACKAGE
- force stop other apps System Tools Allows the app to forcibly stop other apps. Should be reserved for system apps. Malicious apps could use this to disable security apps.
- FREEZE_SCREEN
- freeze screen System Tools Allows the application to temporarily freeze the screen for a full-screen transition. This permission is provided by the Android OS itself, and is not available to third-party-apps.
- GALLERY_PROVIDed
- wala akong mahanap na info kaya sa tingin ko ito ay permission is required to access multimedia data via the gallery content provider.
- GET_ACCOUNTS
- Find accounts on the device Accounts Allows access to the list of accounts in the Accounts Service
- GET_APP_OPS_STATS
- Retrieve app ops statistics System Tools Allows the app to retrieve collected application operation statistics. Not for use by normal apps.
- GET_PACKAGE_SIZe
- Measure app storage space System Tools Allows an application to find out the space used by any package.
- This permission does not seem to have any risk associated with it.
- GET_TASK
- Retrieve running apps App Information Allows an application to get information about the currently or recently running tasks: a thumbnail representation of the tasks, what activities are running in it, etc.
- GET_TOP_ACTIVITY_INFO
- Get Top Activity Info App Information Allows an application to retrieve private information about the current top activity, such as any assist context it can provide. Not for use by third-party applications.
- GLOBAL_SEARCH Global Search System Tool This permission can be used on content providers to allow the global search system to access their data. Typically it used when the provider has some permissions protecting it (which global search would not be expected to hold), and added as a read-only permission to the path in the provider where global search queries are performed. This permission can not be held by regular applications; it is used by applications to protect themselves from everyone else besides global search.
- GLOBAL_SEARCH_CONTROL
- Global search control System Tools Allows the application to control the global search. Not available to third party apps.
- GOOGLE_AUTH View
- configured accounts Accounts Allows apps to see the usernames (email addresses) of the Google account(s) you have configured.
- Good Cop: List accounts for the user to chose from when using a Google service
- Bad Cop: Sniff and snoop, find "valid mail adresses" to abuse for other purposes (e.g. spamming)
- GOOGLE_AUTH
- Google mail Accounts Allows apps to sign in to Google mail services using the account(s) stored on this Android device.
- Good Cop: Automatic sign-in to use Google Services in the interest of the user
- Bad Cop: Secretly sign-in without the user´s notice to e.g. send spam or spying on personal data
- GOOGLE_AUTH.wise
- Google Spreadsheets Accounts Allows apps to sign in to Google Spreadsheets using the account(s) stored on this Android device.
- Good Cop: Automatic sign-in to use Google Services in the interest of the user
- Bad Cop: Secretly sign-in without the user´s notice to e.g. spy on personal data
- GOOGLE_AUTH
- writely Google Docs Accounts Allows apps to sign in to Google Docs using the account(s) stored on this Android device.
- Good Cop: Automatic sign-in to use Google Services in the interest of the user
- Bad Cop: Secretly sign-in without the user´s notice to e.g. spy on personal data
- GOOGLE_PHOTOS
- handle photos backed up to G+ This permission is required to access photos backed up to G+
- google.MAPS_RECEIVe
- receive map material from Google Maps Network If an app wants to integrate maps from Google Maps, it needs this permission (along with READ_GSERVICES, INTERNET and WRITE_EXTERNAL_STORAGE).
- GTALK_SERVICE
- Google Talk Service Messages I couldn´t find any documentation on this permission, which is connected to Google Talk resp. Google Hangouts.
- The protection level assigned seems to differ between devices.
- HARDWARE_TEST
- Test Hardware Hardware Controls Allows access to hardware peripherals. Intended only for hardware testing.
- im.permission.READ_ONLY
- read instant messages Messages This is a permission realated to reading instant messages, such as those on GoogleTalk.
- INJECT_EVENTS
- Press keys and control buttons System Tools Allows an application to inject user events (keys, touch, trackball) into the event stream and deliver them to ANY window.
- INSTALL_DRM
- Install DRM content System Tools Allows app to install DRM-protected content.
- DRM stands for Digital Rights Management, sometimes also called "Digital Restriction Management". It is used to control (and restrict) access to media – e.g. by Google Books, Google Movies, or Amazon‘s Kindle.
- INSTALL_LOCATION_PROVIDER
- Install Location Provider Location Create mock location sources for testing or install a new location provider into the Location Manager. This allows the app to override the location and/or status returned by other location sources such as GPS or location providers. Reserved to system apps.
- INSTALL_PACKAGES
- Directly install apps System Tools Allows the app to install new or updated Android packages. Malicious apps may use this to add new apps with arbitrarily powerful permissions. Not for use by third-party applications.
- INSTALL_SHORTCUT
- Install Shortcuts Allows an application to install a shortcut in Launcher (Homescreen).
- INTERACT_ACROSS_USERS
- Interact Across Users Allows an application to call APIs that allow it to do interactions across the users on the device, using singleton services and user-targeted broadcasts. This permission is not available to third party applications.
- INTERACT_ACROSS_USERS_FULL
- Full license to interact across users System Tools Fuller form of INTERACT_ACROSS_USERS that removes restrictions on where broadcasts can be sent and allows other types of interactions.
- INTERNAL_SYSTEM_WINDOW
- Internal System Window System Tools Allows an application to open windows that are for use by parts of the system user interface. Not for use by third party apps.
- INTERNET
- Full network access Network Allows applications to open network sockets. Any application that accesses the internet for any reason will have to request this permission.
- This is of course required to loads ads (which is why most apps request this), but can also be used to spy on personal data. Special caution is advised when this permission is requested at the same time as others which access personal data.
- k9.permission.DELETE_MESSAGES
- Delete messages from K-9 Mail Messages Enables an app to delete mails stored in K-9 Mail
- k9.permission.READ_ATTACHMENT
- Read K-9 Mail attachments messages This is a custom permission for the K-9 Mail app.
- k9.permission.READ_MESSAGES
- Read mails stored in K-9 Mail Messages Enables an app to read mails stored with the K-9 Mail app. Be aware mails can contain sensible personal information!
- KILL_BACKGROUND_PROCESSES
- Close other apps System Tools Allows an application to call killBackgroundProcesses(String).
- launcher.permission.UPDATE_COUNt
- Updating Notification Counts Access the notification API of Apex Launch This permission just enables an app to provide counter information to the launcher. Usually this is done by mail apps. No risks known so far.
- launcher.WRITE_SETTINGS
- write Home settings and shortcuts System Tools The permissions allow an application to modify configuration settings of Android’s Launcher, including that of icons.
- Malicious apps could use this to place (misleading) icons on your homescreen – e.g. one looking like the Playstore – to lure you into actions you otherwise wouldn´t perform.
- LOCATION_HARDWARE
- Access Location hardware Allows an application to use location features in hardware, such as the geofencing api. Not for use by third-party applications.
- MANAGE_ACCOUNTS
- Add or remove accounts Accounts Allows an application to manage the list of accounts in the AccountManager.
- MANAGE_APP_TOKENs
- Manage App Tokens Accounts Allows an application to manage (create, destroy, Z-order) application tokens in the window manager. This is only for use by the system.
- MANAGE_DEVICE_ADMINS
- add or remove a device admin System Tools Allows the holder to add or remove active device administrators. Should never be needed for normal apps.
- MANAGE_DOCUMENTS
- Manage Documents Storage Allows an application to manage access to documents, usually as part of a document picker.
- MANAGE_MTP
- Manage MTP Hardware Controls Allows an application to access the MTP USB kernel driver. For use only by the device side MTP implementation.
- MANAGE_USB
- Manage preferences and permissions for USB devices Hardware Controls Allows an application to manage preferences and permissions for USB devices. Restricted to system apps.
- MANAGE_USERS
- manage users System Tools Allows apps to manage users on the device, including query, creation and deletion. This permission is not available to third party applications.
- MASTER_CLEAR
- Master Clear Allows an app to perform a "master clear" (i.e. factory reset) of the device. Restricted to system apps. Restricted to system apps.
- MEDIA_CONTENT_CONTROL
- control media playback and metadata access Allows an application to know what content is playing and control its playback. Not for use by third-party applications due to privacy of media consumption.
- MMS_SEND_OUTBOX_MSG MMS Wakeup
- Messages Sends out all MMSs from the outbox to the network. Restricted to system apps and those signed with the same key as the ROM.
- MODIFY_AUDIO_SETTINGS
- Change your audio settings Hardware Controls Allows an application to modify global audio settings.
- MODIFY_PHONE_STATE
- Modify Phone State Phone Calls Modify the status of phone functionality: power, MMI codes (call forwarding, Caller ID) – not to initiate calls. But the network could be switched (to a different carrier, roaming) or the radio (de)activated, without informing the user. The permission can also be used to intercept incoming calls.
- MOUNT_FORMAT_FILESYSTEMS
- Erase USB storage System Tools Allows formatting file systems for removable storage.
- The primary danger with this permission is that it could be used to erase data from an SD card or other similar storage in your phone. This is also not a permission any normal app should need.
- MOUNT_UNMOUNT_FILESYSTEMS
- Access USB storage filesystem System Tools Allows mounting and unmounting file systems for removable storage.
- This permission just allows for connecting to SD cards for reading and writing. While not a risk itself, this is also not a permission any normal app should need.
- MOVE_PACKAGE
- Move app resources System Tools Allows an application to move application resources from internal to external media and vice versa.
- PACKAGE_USAGE_STATS
- Update component usage statistics System Tools Allows the modification of collected component usage statistics. Not for use by normal applications.
- Most likely refers to app statistics, e.g. how often an app was started.
- PERFORM_CDMA_PROVISIONING
- Start CDMA phone settings Allow applications to launch CDMA services (a telephony functionality). Reserved to system apps.
- PERSISTENT_ACTIVITY
- Make app always run App Information Allow an application to make its activities persistent.
- PREVENT_POWER_KEY
- Change behaviour of the power key Hardware Controls Allows an application to override the default behaviour for the power key.
- PROCESS_OUTGOING_CALLS
- Reroute outgoing calls Phone Calls Allows an application to monitor, modify, or abort outgoing calls.
- RAISED_THREAD_PRIORITY
- Raised thread priority System Tools Allows the application procedures to obtain the priority of the an elevated the thread. This might be required for e.g. real-time audio/video playback. Malicious apps could however use this to slow down the system.
- READ_ATTACHMENT
- Read email attachments Personal Information This is a custom permission for the default Android email app (i.e. not Gmail). This permission should be treated with great caution. Many email attachments contain highly sensitive and personal or financial information.
- READ_CALENDAR
- Read calendar events plus confidential information Personal Information Allows an application to read the user's calendar data.
- READ_CALL_LOg
- Read Call Logs Personal Information Allows an application to read the user's call log.
- READ_CLIPBOARD
- Read clipboard contents System Tools An app with this permission can read clipboard contents – that is, everything you copy into the clipboard (including passwords, if you copy them). Some more detailed background and preventive measures can be found in the following XDA article: How to Stop Apps from Reading the Android Clipboard to Protect your Privacy (dated 8/2017).
- READ_CONTACTS
- Read your contacts Personal InformationAllows an application to read the user's contacts data.
- READ_CONTENT_PROVIDER
- Access mail information Messages This is primarily for access to information on Mails in Gmail. Developers can use this content provider to display label information to the user.
- READ_EXTERNAL_STORAGE
- Read the contents of your usb storage Storage Allows an application to read from external storage. This permission was granted to all apps by default up to Android 4.3. This changed with Android 4.4 (API level 19), which now requires that applications explicitly request read access using this permission.
- READ_FRAME_BUFFER
- Read Frame Buffer System Tools Allows an application to take screen shots and more generally get access to the frame buffer data.
- READ_GMAIL
- Read Gmail Messages Protection level switched from "dangerous" to "signature" about the time Gingerbread was released (with Gmail 2.3.5), see Android Census – so it's not available to third-party apps (anymore)
- READ_GMAIL_PROVIDER
- Read Gmail Messages Also see: READ_GMAIL. Checking the full permission name,
- READ_GSERVICES
- Read Google service configuration Accounts Allows an app to read the Google services map. Not for use by normal apps.
- READ_HISTORY_BOOKMARKS
- Read your Web bookmarks and history Personal Information Allows an application to read (but not write) the user's browsing history and bookmarks.
- READ_INPUT_STATE
- Record what you type and actions that you take System Tools Allows an application to retrieve the current state of keys and switches, including to watch the keys that you press even when interacting with another app (such as typing a password). This is only for use by the system.
- READ_LOGS
- Read sensitive log data Development Tools Allows an application to read the low-level system log files.
- This allows the application to read what any other applications have logged, which might contain sensitive (and even personal) data.
- READ_MEDIA_STORAGE
- Read internal media storage contents Storage.
- READ_OWNER_DATa
- Read owner data Personal Information Read access to owner data saved on the device
- READ_PHONE_STATE
- Read phone status and identity Phone Calls Allows read only access to phone state.
- READ_PROFILE
- Read your own contact card Personal Information Allows an application to read the user's personal profile data.
- This is a new permission that relates to a special new "Me" contact you can create in your phone or tablet as your own profile.
- READ_SECURE_SETTINGS
- Read Secure Settings Hardware Controls Allows an application to read the secure system settings.
- READ_SETTINGS
- Read Home settings and shortcuts System Tools Allows the app to read the settings and shortcuts in Home.
- Bad Cop: Android Icon Hijacking
- Good Cop: That would need the corresponding WRITE_SETTINGS permission
- READ_SMS
- Read your text messages (SMS or MMS) Messages Allows an application to read SMS messages.
- READ_SOCIAL_STREAM
- Read your social stream Social Information Allows an application to read from the user's social stream.
- This is a new permission introduced with Android 4.0 (Ice Cream Sandwhich).
- READ_SYNC_SETTINGS
- Read sync settings Sync settings Allows applications to read the sync settings.
- READ_SYNC_STATS
- Read sync statistics Sync settings Allows applications to read the sync stats for an account, including the history of sync events and how much data is synced.
- READ_USER_DICTIONARY Read terms you added to the dictionary User Dictionary da 0 0 Allows an application to read the user dictionary. This should really only be required by an IME, or a dictionary editor like the Settings app.
- REAL_GET_TASKS
- Retrieve running tasks App Information Get running tasks/apps. Replaces GET_TASKS with API level 21+ (Lollipop)
- REBOOT
- Reboot System Tools Required to be able to reboot the device. Not for use by third-party applications.
- RECEIVE_BOOT_COMPLETED
- Run at startup App Information Allows an application
- RECEIVE_EMERGENCY_BROADCAST
- Receive Emergency Broadcast Messages Allows an application to receive emergency cell broadcast messages, to record or display them to the user. Reserved for system apps.
- RECEIVE_MMS
- Receive text messages (MMS) Messages Allows an application to monitor incoming MMS messages, to record or perform processing on them.
- RECEIVE_SMS
- Receive text messages (SMS) Messages Allows an application to monitor incoming SMS messages, to record or perform processing on them.
- RECEIVE_USER_PRESENT
- receive USER_PRESENT broadcast I couldn't find any documentation on this permission – so I cannot even tell if it really exists.
- RECEIVE_WAP_PUSH
- Receive text messages (WAP) Messages Allows an application to monitor incoming WAP push messages.
- Sending and receiving MMS is based on WAP. The information that there‘s a MMS message available for download, is sent as WAP Push to the device.
- RECORD_AUDIO
- Record audio Microphone Allows an application to record audio.
- REORDER_TASKS
- Reorder running apps System Tools Allows an application to change the Z-order of tasks. Malware could use this to push some ads o.a. into foreground to be displayed to the user
- REQUEST_INSTALL_PACKAGES
- Allows an application to request installing packages. System Tools Allows an application to request installing packages.
- RESTART_PACKAGES
- Restart other applications System Tools Restart other apps.
- SEND_DOWNLOAD_COMPLETED_INTENTS
- Allows the app to send notifications about completed downloads.
- SEND_RESPOND_VIA_MESSAGE
- Send respond-via-message events Messages Allows an application (Phone) to send a request to other applications to handle the respond-via-message action during incoming calls. Not for use by third-party applications.
- This most likely refers to the possibility to reject incoming calls with an SMS
- SEND_SMS
- Send SMS messages Messages Allows an application to send SMS messages.
- SEND_SMS_NO_CONFIRMATION
- Send SMS with no confirmation Messages Allows an application to send SMS messages via the Messaging app with no user input or confirmation
- SET_ACTIVITY_WATCHER
- Monitor and control all app launching System Tools Allows an application to watch and control how activities are started globally in the system.
- SET_ALARM
- Set an alarm Device Alarms Allows an application to broadcast an Intent to set an alarm for the user.
- This permission seems to be of low risk because it doesnt allow the setting of the alarm directly. Rather it allows the opening of the alarm app on the phone.
- SET_ALWAYS_FINISH
- Force background apps to close Development Tools Allows an application to control whether activities are immediately finished when put in the background.
- SET_ANIMATION_SCALE
- Modify global animation speed System Tools Modify the global animation scaling factor (faster or slower animations). Not for use by third-party applications.
- SET_DEBUG_APP
- Enable app debugging Development Tools Configure an application for debugging. Not for use by third-party applications.
- Gives an app the opportunity to enable debugging for other apps.
- SET_ORIENTATION
- Change screen orientation System Tools Allows low-level access to setting the orientation (actually rotation) of the screen. Not for use by normal applications.
- SET_POINTER_SPEED
- Change pointer speed System Tools Allows the app to change the mouse or touch pad pointer speed at any time. Not for use by normal applications.
- SET_PREFERRED_APPLICATIONS
- Set preferred Apps System Tools Assign default apps. No longer useful. Deprecated with API level 7, it no longer has any effect.
- SET_PROCESS_LIMIT Limit number of running processes Development Tools Allows an application to set the maximum number of (not needed) application processes that can be running. Not for use by third-party applications.
- SET_TIME
- Set Time System clock Allows applications to set the system time. Not for use by third-party apps.
- SET_TIME_ZONE
- Set time zone System clock Allows applications to set the system time zone. Should pose no risk (except you maybe late to work).
- SET_WALLPAPER
- Set Wallpaper Wallpaper Allows applications to set the wallpaper
- SET_WALLPAPER_COMPONE
- Setting live wallpapers System Tool
- SET_WALLPAPER_HINTs
- Adjust your wallpaper size Wallpaper Allows applications to set the wallpaper hints. Lacking documentation, the best guess is this is about settings for size and position.
- SHUTDOWN
- Partial shutdown System Tools Allows an app to put the activity manager into the closed state; does not perform a complete shutdown. Reserved to system apps.
- SIGNAL_PERSISTENT_PROCESSES
- Send Linux signals to apps Development Tools Allow an application to request that a signal be sent to all persistent processes. Not for use by third-party applications.
- STATUS_BAR
- Enable/Disable status bar System Tools Allows an application to open, close, or disable the status bar and its icons. Not for use by third-party applications.
- STATUS_BAR_SERVICE
- Status bar System Tools Allows an application to be the status bar. Reserved for system apps.
- According to StackOverflow: The STATUS_BAR_SERVICE permission is used for apps that what to be the actual status bar. This is a protected permission so unless you're building your own ROM that includes replacing the status bar then I don't think this is the permission you want.
- STOP_APP_SWITCHES
- Prevent app switches System Tools Prevent users from switching to another application. Reserved to system apps.
- SUBSCRIBED_FEEDS_READ
- Read subscribed feeds System Tools Allows an application to allow access the subscribed feeds ContentProvider.
- This would give an app access to RSS feeds that you have subscribed to.
- SUBSCRIBED_FEEDS_WRITE
- Write subscribed feeds System Tools his would give an app write access to RSS feed that you have subscribed to. See also SUBSCRIBED_FEEDS_READ.
- SYSTEM_ALERT_WINDOW
- Draw over other apps Display Allows an application to open windows using the type TYPE_SYSTEM_ALERT, shown on top of all other applications.
- This permission allows an app to show a "popup" window above all other apps, even if the app is not in the foreground.
- TRANSMIT_IR
- Use IR Transmitter effects on Battery Life Allows using the device's IR transmitter, if available. Useful for infrared remote controls.
- UNINSTALL_SHORTCUT
- Uninstall shortcuts Allows an application to uninstall a shortcut in Launcher (Homescreen). See INSTALL_SHORTCUT.
- UPDATE_APP_OPS_STATS
- modify app ops statistics System Tools Enables an app to change collected application operation statistics. Not for use by normal apps.
- UPDATE_DEVICE_STATS
- Update device statistics System Tools Allows an application to update device statistics. Not for use by third party apps.
- USE_CREDENTIALS
- Use accounts on the device Accounts Allows an application to request authtokens from the AccountManager.
- This app may use the "credentials" to log into an account. In most cases, "credentials" just means the corresponding authenticator creates a fitting token and hands that over (though, how to deal with that is left to the authenticator).
- USE_FINGERPRINT
- Allows an app to use fingerprint hardware. Hardware Controls Allows an app to use fingerprint hardware, but does not give the requesting app access to the enrollment/fingerprint administration flow.
- USE_SIP Make/receive Internet calls Phone Calls da 0 2-3 Use SIP for internet telephony.
- USES_POLICY_FORCE_LOCK
- Immediately lock the screen Screenlock Make the device lock immediately, as if the lock screen timeout has expired – but also limit the maximum lock timeout for the device. The "POLICY" part suggests a device manager.
- vending.
- BILLINg
- In-app billing Cause costs This permission is of very high importance. It allows an application to directly bill you for services through Google Play.
- CHECK_LICENSE
- Google Play License check Network Needed to verify the validity of the app's license against Google services. Should only be found with payed apps, but poses no risk with others either.
- VIBRATE
- Control vibration Effects on Battery Life Allows access to the vibrator.
- As it states, this permission lets an app control the vibrate function on your phone. This includes for incoming calls and other events.
- WAKE_LOCK
- Prevent device from sleeping Effects on Battery Life Allows using PowerManager WakeLocks to keep processor from sleeping or screen from dimming.
- WRITE_APN_SETTINGS
- Change/intercept network settings and traffic System Tools Allows an application to change network settings and to intercept and inspect all network traffic, for example to change the proxy and port of any APN.
- WRITE_CALENDAR
- Add or modify calendar events and send email to guests without owners Personal Information Allows an application to write (but not read) the user's calendar data.
- WRITE_CALL_LOG
- Write call log Personal Information dAllows the app to modify your phone's call log, including data about incoming and outgoing calls.
- WRITE_CONTACTS
- Modify your contacts Personal Information Allows an application to write (but not read) the user's contacts data.
- WRITE_EXTERNAL_STORAGE
- Modify or delete the contents of your USB storage Storage Allows an application to write to external storage.
- WRITE_GMAIL
- Modify Gmail Messages Permits an app to change your E-Mails in Google Mail. This includes sending and deleting.
- Assigned protection level differs between devices (dangerous/signature)
- WRITE_GSERVICES
- Write GServices Accounts Allows an application to modify the Google service map. Not for use by third-party applications.
- WRITE_HISTORY_BOOKMARKS
- Write web bookmarks and history Personal Information Allows an application to write (but not read) the user's browsing history and bookmarks.
- WRITE_MEDIA_STORAGE
- Modify/delete internal media storage contents Storage Allows an application to modify the contents of the internal media storage.
- WRITE_OWNER_DATA
- Write Owner data Personal Information Write/change owner data. The API reference not only gives no closer information, but not even mentions the permission at all. A guess is it refers to the owner data one can place on the lock screen
- WRITE_PROFILE
- Modify your own contact card Personal Information This a new permission that relates to a special new "Me" contact you can create in your phone or tablet as your own profile. It's the counter-part to READ_PROFILE.
- WRITE_SECURE_SETTINGS
- Modify secure system settings Development Tools Allows an application to read or write the secure system settings.
- This permission should only be seen on Android system apps (and possibly wireless carriers or hardware manufacturer pre-installed apps).
- WRITE_SETTINGS
- Modify system settings System Tools Allows an application to read or write the system settings.
- Global settings are pretty much anything you would find under Android's main 'settings' window. However, a lot of these settings may be perfectly reasonable for an application to change. Typical applications that use this include: volume control widgets, notification widgets, settings widgets, Wi-Fi utilities, or GPS utilities. Most apps needing this permission will fall under the "widget" or "utility" categories/types.
- WRITE_SMS
- Edit your text messages (SMS or MMS) Messages Allows an application to write SMS messages.
- This permission appears to be an offshoot from the "send SMS" permission. This should allow an app to write, but not send an SMS message. Users should still be cautious of this permission however. Many kinds of malware lure users into sending SMS to special for-pay numbers costing them money.
- WRITE_SOCIAL_STREAM Write to your social stream Social Information da 0 Allows an application to write (but not read) the user's social stream data. Malware could use this to spread messages on behalf of the user.
- WRITE_SYNC_SETTINGS
- Toggle sync on and off Sync settings da Allows applications to write the sync settings.
- This permission relates to backup and sync of certain types of information like contacts. It allows an app to write settings for how that account and the data are sync and backed up. This is a common permission for social services or contact managers or any other type of app with an account associated with it. Alone, this permission doesn't allow an app access to contacts or other sensitive data. Rather, it just relates to how that data is backed up. Nevertheless, care should be taken as always.
- WRITE_USER_DICTIONARY
- Add words to user-defined dictionary User Dictionary no Allows an application to write to the user dictionary.
- This alows an app to add custom words to your user dictionary, so auto-correction will consider it the next time you type it. See also READ_USER_DICTIONARY.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement