os-issue-tracker icon indicating copy to clipboard operation
os-issue-tracker copied to clipboard

Published 20 hours ago verified publisher icon GrapheneOS

Revoke special app permission for Wi-Fi control from apps by default

Open ph00lt0 opened this issue 2 years ago • 4 comments

In relation to my previous enhancement request (https://github.com/GrapheneOS/os-issue-tracker/issues/1312) for making the permission more visible, I would like to request to revoke the the Wi-Fi control permission of apps all together.

I see many apps like banking apps, Google Play, Google Play Services, Google Maps, etc getting installed with this permission enabled by default. It is completely unclear to me why they would need this and neither does the functionality change by disabling it. I have not found a single app that shows different behavior after revoking this permission. The permission does however seem invasive to me and I see few cases this actually would be necessary (setting up iot devices with their own Wi-Fi channel).

Given that many apps like banking apps and the like request and obtain the permission without users knowledge I request to revoke the permission to protect the user until android will have a granting request like it has with notifications since android 13.

ph00lt0 avatar Oct 10 '22 20:10 ph00lt0

Google Play Services might need that permission for working network location

lukashoracek avatar Oct 15 '22 09:10 lukashoracek

Location data including nearby Wi-Fi networks isn't available without the Location permission. Some things need a combination of multiple permissions. Wi-Fi control permission doesn't give access to any sensitive location data without the Location permission too.

thestinger avatar Oct 15 '22 23:10 thestinger

In my experience everything works well without the permission @lukashoracek. Including the location.

But generally GrapheneOS forwards location to GPS by default, so actually it could just be added to the guide on the website if it is disabled by default. I however don't think it is required to function.

ph00lt0 avatar Oct 16 '22 07:10 ph00lt0

Location requires Location permission and gives access to location data. Our sandboxed Google Play compatibility layer is only relevant to apps requesting location directly from Play services geolocation API instead of the OS geolocation API.

thestinger avatar Oct 16 '22 16:10 thestinger

Just to add another use case, it allows applications to control the state of WiFi access point (aka "hotspot").

ASerbinski avatar Nov 21 '22 15:11 ASerbinski

duplicate of #922

empratyush avatar Dec 03 '22 08:12 empratyush