Understanding the android:protectionLevel attribute
While reading the framework's permission declarations recently, I came across android:protectionLevel:
<permission android:name="android.permission.INTERNAL_SYSTEM_WINDOW"
android:protectionLevel="signature" />
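As shown above, "signature" is fairly easy to understand: it means the system signature. Some of the other values are less clear, though, such as instant, appop and vendorPrivileged, and I could not find a detailed explanation online. So I dug a little deeper.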
services/core/java/com/android/server/pm/permission/BasePermission.java
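This class provides methods for checking whether a permission carries each of the values above, but it still does not say which scenario each value corresponds to.
I finally found a file with concrete comments, shown below: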
core/res/res/values/attrs_manifest.xml
<attr name="protectionLevel">
    <!-- ... an application access to isolated application-level features, with minimal
         risk to other applications, the system, or the user. The system
         automatically grants this type of permission to a requesting application at
         installation, without asking for the user's explicit approval (though the
         user always has the option to review these permissions before installing). -->
    <flag name="normal" value="0" />
    <!-- ... would give a requesting application access to private user data or
         control over the device that can negatively impact the user. Because
         this type of permission introduces potential risk, the system may
         not automatically grant it to the requesting application. For example,
         any dangerous permissions requested by an application may be displayed
         to the user and require confirmation before proceeding, or some other
         approach may be taken to avoid the user automatically allowing
         the use of such facilities. -->
    <flag name="dangerous" value="1" />
    <!-- ... to grant only if the requesting application is signed with the same
         certificate as the application that declared the permission. If the
         certificates match, the system automatically grants the permission
         without notifying the user or asking for the user's explicit approval. -->
    <flag name="signature" value="2" />
    <!-- Base permission type: a permission that the system is to grant only
         to packages in the Android system image or that are signed
         with the same certificates. Please avoid using this option, as the
         signature protection level should be sufficient for most needs and
         works regardless of exactly where applications are installed. This
         permission is used for certain special situations where multiple
         vendors have applications built in to a system image which need
         to share specific features explicitly because they are being built
         together. -->
    <flag name="signatureOrSystem" value="3" />
    <!-- ... be granted to any applications installed as privileged apps on the system image.
         Please avoid using this option, as the
         signature protection level should be sufficient for most needs and
         works regardless of exactly where applications are installed. This
         permission flag is used for certain special situations where multiple
         vendors have applications built in to a system image which need
         to share specific features explicitly because they are being built
         together. -->
    <flag name="privileged" value="0x10" />
    <flag name="system" value="0x10" />
    <!-- ... (optionally) be granted to development applications. -->
    <flag name="development" value="0x20" />
    <!-- ... associated with an app op for controlling access. -->
    <flag name="appop" value="0x40" />
    <!-- ... granted to apps that target API levels below
         {@link android.os.Build.VERSION_CODES#M} (before runtime permissions
         were introduced). -->
    <flag name="pre23" value="0x80" />
    <!-- ... granted to system apps that install packages. -->
    <flag name="installer" value="0x100" />
    <!-- ... granted to system apps that verify packages. -->
    <flag name="verifier" value="0x200" />
    <!-- ... granted any application pre-installed on the system image (not just privileged
         apps). -->
    <flag name="preinstalled" value="0x400" />
    <!-- ... granted to the setup wizard app -->
    <flag name="setup" value="0x800" />
    <!-- ... apps -->
    <flag name="instant" value="0x1000" />
    <!-- ... that target runtime permissions ({@link android.os.Build.VERSION_CODES#M} and above)
         -->
    <flag name="runtime" value="0x2000" />
    <!-- ... if its protection level is signature, the requesting app resides on the OEM partition,
         and the OEM has white-listed the app to receive this permission by the OEM.
         -->
    <flag name="oem" value="0x4000" />
    <!-- ... privileged apps in vendor partition. -->
    <flag name="vendorPrivileged" value="0x8000" />
    <!-- ... granted to the system default text classifier -->
    <flag name="textClassifier" value="0x10000" />
    <!-- ... wellbeing app, as defined by the OEM. -->
    <flag name="wellbeing" value="0x20000" />
    <!-- ... granted to the document manager -->
    <flag name="documenter" value="0x40000" />
    <!-- ... granted to device configurator -->
    <flag name="configurator" value="0x80000" />
    <!-- ... that will approve the sharing of incident reports. -->
    <flag name="incidentReportApprover" value="0x100000" />
    <!-- ... granted to the system app predictor -->
    <flag name="appPredictor" value="0x200000" />
</attr>
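The listing shows that a protectionLevel is one base type (0 to 3) ORed with any number of flags (0x10 and up). The Python sketch below is an added example, not code from the framework: it parses the `a|b|c` strings used in a manifest into that integer, splits an integer back into base and flags, and annotates each `<permission>` in a manifest using the comments quoted above. The `com.example.demo` names, the sample manifest, and the helper names `parse_level`, `describe` and `audit` are made up for illustration, and the 0xF base mask is an assumption drawn from the values in the listing.

```python
import xml.etree.ElementTree as ET
ANDROID = "{http://schemas.android.com/apk/res/android}"
BASE = {"normal": 0, "dangerous": 1, "signature": 2, "signatureOrSystem": 3}  # values as listed above
FLAGS = {"privileged": 0x10, "system": 0x10, "development": 0x20, "appop": 0x40,
         "pre23": 0x80, "installer": 0x100, "verifier": 0x200, "preinstalled": 0x400,
         "setup": 0x800, "instant": 0x1000, "runtime": 0x2000, "oem": 0x4000,
         "vendorPrivileged": 0x8000, "textClassifier": 0x10000, "wellbeing": 0x20000,
         "documenter": 0x40000, "configurator": 0x80000,
         "incidentReportApprover": 0x100000, "appPredictor": 0x200000}
BASE_MASK = 0xF  # assumption: base types (0..3) sit below the first flag (0x10)

def parse_level(text):
    """Turn a manifest string such as 'signature|privileged' into its integer (0x12)."""
    names = [n.strip() for n in text.split("|")]
    bases = [n for n in names if n in BASE]
    # 'dangerous|signature' would OR to 3 and silently read back as signatureOrSystem.
    if len(bases) > 1 or any(n not in BASE and n not in FLAGS for n in names):
        raise ValueError(f"bad protectionLevel: {text!r}")
    value = BASE[bases[0]] if bases else 0
    for n in names:
        value |= FLAGS.get(n, 0)
    return value

def describe(value):
    """Split an integer level into (base, [flags]); 'system' shares a value with 'privileged'."""
    base = {v: k for k, v in BASE.items()}[value & BASE_MASK]  # KeyError if base > 3
    flags = [k for k, v in FLAGS.items() if value & v and k != "system"]
    return base, flags

def audit(manifest_xml):
    """Return (permission name, hex level, note) for every <permission> declared."""
    rows = []
    for perm in ET.fromstring(manifest_xml).iter("permission"):
        value = parse_level(perm.get(ANDROID + "protectionLevel", "normal"))
        base, flags = describe(value)
        note = ""
        if base == "signatureOrSystem" or "privileged" in flags:
            note = "source comment: avoid, signature should be sufficient"
        elif base == "normal":
            note = "granted automatically at install, no user approval"
        rows.append((perm.get(ANDROID + "name"), hex(value), note))
    return rows

SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android">
  <permission android:name="com.example.demo.READ_NOTES"/>
  <permission android:name="com.example.demo.SYNC" android:protectionLevel="signature"/>
  <permission android:name="com.example.demo.ADMIN" android:protectionLevel="signature|privileged"/>
  <permission android:name="com.example.demo.LEGACY" android:protectionLevel="signatureOrSystem"/>
</manifest>"""  # constructed sample, not taken from a real app
```

Calling `audit(SAMPLE)` returns one row per declaration; a permission with no protectionLevel attribute is treated as normal.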