diff options
author | Unsuk Jung <unsuk@google.com> | 2015-09-29 18:03:10 -0700 |
---|---|---|
committer | Unsuk Jung <unsuk@google.com> | 2015-09-30 07:58:28 +0000 |
commit | ad5c4c33520595e8881cda03f64d9ca61539f178 (patch) | |
tree | 0addd712aca4b8dd1f398e34ab47a1d7efa537cc | |
parent | 3cf26b5df5d95bed2a3706fc9a822533719879d6 (diff) | |
download | source.android.com-ad5c4c33520595e8881cda03f64d9ca61539f178.tar.gz |
CDD: Req. when granting dangerous permission for pre-installed apps
Bug: 22044322
NO_SQ: doc change
Change-Id: I220f73d4538990f4bf50740e0ec64435d0874c19
-rw-r--r-- | src/compatibility/android-cdd.html | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/src/compatibility/android-cdd.html b/src/compatibility/android-cdd.html index 55fa0146..295b752f 100644 --- a/src/compatibility/android-cdd.html +++ b/src/compatibility/android-cdd.html @@ -4171,11 +4171,21 @@ ignored. Implementations MAY add additional permissions, provided the new permission ID strings are not in the android.* namespace.</p> <p>Permissions with a protection level of dangerous are runtime permissions. Applications -with targetSdkVersion > 22 request them at runtime. The system MUST show a dedicated UI for the -user to decide whether to grant the requested runtime permissions and also provide a UI for the -user to manage runtime permissions. On the system there MUST be one and only one -implementation of both the UI for the user to accept runtime permissions and the UI for -the user to manage runtime permissions.</p> +with targetSdkVersion > 22 request them at runtime. Device implementations:</p> + +<ul> +<li>MUST show a dedicated interface for the user to decide whether to grant the +requested runtime permissions and also provide an interface for the user to manage +runtime permissions.</li> +<li>MUST have one and only one implementation of both user interfaces.</li> +<li>MUST NOT grant any runtime permissions to preinstalled apps unless: + <ul> + <li>the user's consent can be obtained before the application uses it</li> + <li>the runtime permissions are associated with an intent pattern for which the preinstalled + application is set as the default handler</li> + </ul> +</li> +</ul> <h2 id="9_2_uid_and_process_isolation">9.2. UID and Process Isolation</h2> |