3

According to android developer documents, permissions with signature protection level in app A can be acquired if calling application B is signed with same key that A is signed. Also according to this answer, android permissions with signature protection level can not be acquired by third-party applications but in android developer documents, there is a permission named REQUEST_INSTALL_PACKAGES with signature as protection level. I've seen many codes declaring this permission in their codes:

<uses-permission android:name="REQUEST_INSTALL_PACKAGES" />

So how it's possible? What's missing?

Mehran Torki
  • 977
  • 1
  • 9
  • 37

1 Answers1

7

So how it's possible?

It is possible for them to have that element in their manifest because their developers were capable of typing it in.

Just because an app has a <uses-permission> element does not mean that they get the permission. That depends on a lot of factors, including the protectionLevel.

In the specific case of REQUEST_INSTALL_PACKAGES, that does not have a signature value for protectionLevel. It has signature|appop. The appop is a confusing value, but it boils down to "there are odd ways in which the app can exercise the permission". In this case, the package installer on Android 8.0+ will reject outright any app that does not request this permission and tries to use ACTION_VIEW or ACTION_INSTALL_PACKAGE. Otherwise, it will prompt the user to confirm that it is OK for this app to request to install packages.

Note: the |appop part does not appear in the JavaDocs, but it does in the platform manifest, which is what matters at runtime.

CommonsWare
  • 986,068
  • 189
  • 2,389
  • 2,491
  • How did you find out that protection level is `signature|appop` not `signature`? Do you the meaning of `appop` ? Nothing mentioned about it in the documents. – Mehran Torki Nov 07 '18 at 08:29
  • 1
    @MehranTorki: "How did you find out that protection level is signature|appop" -- I looked at the platform manifest file, where these permissions get defined. For example, [here is Android 9.0's platform manifest and the definition of `REQUEST_INSTALL_PACKAGES`](https://github.com/aosp-mirror/platform_frameworks_base/blob/android-cts-9.0_r3/core/res/AndroidManifest.xml#L2990-L2993). "Do you the meaning of appop ?" -- as I wrote in the answer,"there are odd ways in which the app can exercise the permission". These do not behave like ordinary `dangerous` runtime permissions, for example. – CommonsWare Nov 07 '18 at 11:56