- Android Application Security Essentials
- Pragati Ogal Rai
- 2021-08-13 16:25:28
Installing with care
One of the factors that differentiates Android from other mobile operating systems is the install-time review of an application's permissions. All permissions that an application requires have to be declared in the application's manifest file. These permissions are capabilities that an application requires to function properly. Examples include accessing the user's contact list, sending SMSs from the phone, making a phone call, and accessing the Internet. Refer to Chapter 3, Permissions, for a detailed description of the permissions.
When a user installs an application, all permissions declared in the manifest file are presented to the user. The user can then review the permissions and make an informed decision whether or not to install the application. Users should review these permissions very carefully, as this is the only time that a user is asked for permissions. After this step, the user has no control over the application; the best a user can do is to uninstall it.
Refer to the following screenshot for reference. In this example, the application will track or access the user location, use the network, read the user's contact list, read the phone state, and use some development capabilities. When screening this application for security, the user must evaluate whether granting a certain power to this application is required. If this is a gaming application, it might not need development tool capabilities. If this is an educational application for kids, it should not need access to the contact list or the user location. Also be mindful that developers can add their own permissions, especially if they want to communicate with other applications that they have developed and that may be installed on the device. The onus is on the developer to provide a clear description of such permissions.
At install time, the framework ensures that all permissions used in the application are declared in the manifest file. The OS at runtime then enforces these permissions.
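The review described above can also be done on the manifest itself. The following Python sketch is an added example, not code from the book: it lists the permissions a manifest requests, flags those that deserve a question for a given application category, and reports developer-defined permissions that carry no description. The sample manifest, the `com.example.kidsmath` package, and the per-category policy are constructed assumptions.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Constructed sample manifest for a hypothetical kids' educational app.
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.kidsmath">
    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
    <uses-permission android:name="android.permission.READ_CONTACTS"/>
    <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
    <uses-permission android:name="android.permission.ACCESS_MOCK_LOCATION"/>
    <permission android:name="com.example.kidsmath.permission.SHARE_SCORES"/>
    <permission android:name="com.example.kidsmath.permission.SYNC"
                android:description="@string/sync_permission_description"/>
</manifest>
"""

# Assumed reviewer policy: permissions worth questioning for each category.
UNEXPECTED = {
    "kids_education": {
        "android.permission.READ_CONTACTS",
        "android.permission.ACCESS_FINE_LOCATION",
        "android.permission.ACCESS_COARSE_LOCATION",
    },
    "game": {
        "android.permission.ACCESS_MOCK_LOCATION",
        "android.permission.SET_DEBUG_APP",
    },
}

def review_manifest(manifest_xml, category):
    """Return (requested, questionable, undescribed_custom) for a manifest string."""
    root = ET.fromstring(manifest_xml.strip())
    # Every capability the application asks for is a <uses-permission> element.
    names = (e.get(ANDROID_NS + "name") for e in root.iter("uses-permission"))
    requested = [n for n in names if n]
    flagged = UNEXPECTED.get(category, set())
    questionable = [p for p in requested if p in flagged]
    # Developer-defined permissions are <permission> elements; a missing or
    # empty android:description leaves the user nothing to base a decision on.
    undescribed = [e.get(ANDROID_NS + "name") for e in root.iter("permission")
                   if not e.get(ANDROID_NS + "description")]
    return requested, questionable, undescribed

if __name__ == "__main__":
    req, odd, bare = review_manifest(SAMPLE_MANIFEST, "kids_education")
    print("Requested:", *req, sep="\n  ")
    print("Question for this category:", *odd, sep="\n  ")
    print("Custom permissions without a description:", *bare, sep="\n  ")
```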
