26

As I am new to Android, I wanted to ask something which is not clear enough to me. I read the API guide about permissions as well as a lot of Q&A concerning this topic; still, I am not sure if I understand it correctly. So, the signature protection level is:

> A permission that the system grants only if the requesting application is signed with the same certificate as the application that declared the permission. If the certificates match, the system automatically grants the permission without notifying the user or asking for the user's explicit approval.

Does this mean that I am not able to use any permission with the 'signature' protection level, so all permissions defined in Android's API and having such a protection level are unavailable to anyone, apart from the team which is developing it?

NValchev

1 Answer

33

> Does this mean that I am not able to use any permission with the 'signature' protection level, so all permissions defined in Android's API and having such a protection level are unavailable to anyone, apart from the team which is developing it?

Generally speaking, yes.

More specifically, a signature-level permission means that the app defending itself with that permission (e.g., via `android:permission` attributes) and the app trying to talk to the first app that needs the permission (`<uses-permission>` element) must be signed by the same signing key.

If the app defending itself is part of the device firmware, or is the OS itself, only apps signed by the same signing key as that firmware can talk to the defending app by holding the permission.

However, if you write App A that defends itself with a signature-level permission (e.g., a custom one), and you write App B that wants to talk to the defended portions of App A, you can do so, if you are signing App A and App B with the same signing key.

CommonsWare
  • Can you explain with an example? – Surya Prakash Kushawah Feb 17 '17 at 08:58
  • @SuryaPrakashKushawah: I recommend that you ask a separate Stack Overflow question, where you explain **in detail** what your concern is. – CommonsWare Feb 17 '17 at 12:39
  • @CommonsWare I understand that it's quite an old answer, but does it still hold for the current scenario? Android is enforcing the use of App Bundle from Nov 2021, which means that every app will be signed by Play itself before they are available on the Store. So, App A and App B, which were earlier secured via `signature-level` protection, won't be anymore as the signing keys will be different. Can you please clarify or let me know if I am missing something? – reactivedroid Apr 29 '21 at 17:46
  • @AshwiniKumar: AFAIK, the only App Bundle enforcement is for new apps, not existing apps. If you have links that say otherwise, please let me know! AFAIK, App Signing for existing apps allows you to upload an existing signing key, to maintain continuity -- see the second set of numbered items in the first section of [this page](https://developer.android.com/studio/publish/app-signing). So, if App Bundles were required for existing apps, presumably they would use that avenue for handling signing of those bundles using existing signing keys. – CommonsWare Apr 29 '21 at 17:54
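
The App A / App B arrangement described in the answer, shown as two manifest fragments. This is an added example, not part of the original answer or its comments; the permission name `com.example.appa.permission.ACCESS_DATA` and the service class `.DataService` are hypothetical.

```xml
<!-- App A (defending app): AndroidManifest.xml fragment.
     Names below are hypothetical, chosen for illustration. -->
<manifest xmlns:android="http://schemas.android.com/apk/res/android">

    <!-- Declare the custom permission. protectionLevel="signature" means the
         system grants it only to apps signed with the same certificate as
         App A, with no prompt shown to the user. -->
    <permission
        android:name="com.example.appa.permission.ACCESS_DATA"
        android:protectionLevel="signature" />

    <application>
        <!-- The component is exported so other apps can reach it, but
             android:permission makes the system reject any caller that
             does not hold the permission declared above. -->
        <service
            android:name=".DataService"
            android:exported="true"
            android:permission="com.example.appa.permission.ACCESS_DATA" />
    </application>
</manifest>

<!-- App B (calling app): AndroidManifest.xml fragment. -->
<manifest xmlns:android="http://schemas.android.com/apk/res/android">

    <!-- Request the permission. It is granted at install time only if App B
         is signed with the same key as App A. If the keys differ, the request
         is ignored and binding to DataService fails with a SecurityException. -->
    <uses-permission
        android:name="com.example.appa.permission.ACCESS_DATA" />

    <application />
</manifest>
```

The same mechanism explains the firmware case in the answer: when the declaring app is the platform or a preinstalled system app, the matching key is the device vendor's, so a third-party `<uses-permission>` for that permission is never granted.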