diff options
author | Unsuk Jung <unsuk@google.com> | 2015-10-01 22:40:49 +0000 |
---|---|---|
committer | Android (Google) Code Review <android-gerrit@google.com> | 2015-10-01 22:40:49 +0000 |
commit | 901781bf58ad110bdfca394deeca8b43c0191d14 (patch) | |
tree | f89f12bb4bc377fa135679e0d29a9d86077a7b82 | |
parent | aa5f174bbe36e8fe88be273dbfe38ab43b952479 (diff) | |
parent | ad5c4c33520595e8881cda03f64d9ca61539f178 (diff) | |
download | source.android.com-901781bf58ad110bdfca394deeca8b43c0191d14.tar.gz |
Merge "CDD: Req. when granting dangerous permission for pre-installed apps" into mnc-dev
-rw-r--r-- | src/compatibility/android-cdd.html | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/src/compatibility/android-cdd.html b/src/compatibility/android-cdd.html index 7f751bbb..ad69b545 100644 --- a/src/compatibility/android-cdd.html +++ b/src/compatibility/android-cdd.html @@ -4226,11 +4226,21 @@ ignored. Implementations MAY add additional permissions, provided the new permission ID strings are not in the android.* namespace.</p> <p>Permissions with a protection level of dangerous are runtime permissions. Applications -with targetSdkVersion > 22 request them at runtime. The system MUST show a dedicated UI for the -user to decide whether to grant the requested runtime permissions and also provide a UI for the -user to manage runtime permissions. On the system there MUST be one and only one -implementation of both the UI for the user to accept runtime permissions and the UI for -the user to manage runtime permissions.</p> +with targetSdkVersion > 22 request them at runtime. Device implementations:</p> + +<ul> +<li>MUST show a dedicated interface for the user to decide whether to grant the +requested runtime permissions and also provide an interface for the user to manage +runtime permissions.</li> +<li>MUST have one and only one implementation of both user interfaces.</li> +<li>MUST NOT grant any runtime permissions to preinstalled apps unless: + <ul> + <li>the user's consent can be obtained before the application uses it</li> + <li>the runtime permissions are associated with an intent pattern for which the preinstalled + application is set as the default handler</li> + </ul> +</li> +</ul> <h2 id="9_2_uid_and_process_isolation">9.2. UID and Process Isolation</h2> |