Try to reduce a few of the permissions in Android

[andrewxhill]

one odd one for example is, "draw over other apps"

but a user reported also, Querying running apps and Phone information. not certain where each of those is requested, but would be good to eliminate any we don't actually have a requirement for.

[asutula]

Sounds like someone that is running an old version that includes that permissions lib we had at one point?

[asutula]

I've never seen any of those you mention.

[andrewxhill]

you can see those here actually,

https://play.google.com/store/apps/details?id=com.textile

in 'view details' of permissions

[carsonfarmer]

Report of which underlying libs are requiring specific Android permissions. Most of this was obtained by combing through the build/outputs/logs/manifest-merger-debug-report.txt

• Device & app history

  • [x] retrieve running apps
    • android.permission.GET_TASKS required by tsbackgroundfetch (we should try to drop this one!)

• Location

  • [x] precise location (GPS and network-based)
    • android.permission.ACCESS_FINE_LOCATION required by textile-mobile

• Phone

  • [x] read phone status and identity
    • android.permission.READ_PHONE_STATE required by lifecycle and crashlytics

• Photos/Media/Files

  • [x] read the contents of your USB storage
    • android.permission.READ_EXTERNAL_STORAGE required by react-native-image-picker and uploadservice
  • [x] modify or delete the contents of your USB storage
    • android.permission.WRITE_EXTERNAL_STORAGE required by textile-mobile, uploadservice, react-native-fs

• Storage

  • [x] read the contents of your USB storage
    • android.permission.READ_EXTERNAL_STORAGE required by uploadservice and react-native-fs, react-native-background-fetch,
  • [x] modify or delete the contents of your USB storage
    • android.permission.WRITE_EXTERNAL_STORAGE required by uploadservice and react-native-fs

• Camera

  • [x] take pictures and videos
    • android.permission.CAMERA required by textile-mobile in general

• Device ID & call information

  • [x] read phone status and identity
    • android.permission.READ_PHONE_STATE required by lifecycle and crashlytics

• Other

  • [x] receive data from Internet
    • android.permission.INTERNET required by textile-mobile in general
  • [x] view network connections
    • android.permission.ACCESS_NETWORK_STATE required by textile-mobile, firebase, android-job
  • [x] full network access
    • android.permission.INTERNET required by textile-mobile in general
  • [x] run at startup
    • android.permission.RECEIVE_BOOT_COMPLETED required by react-native-background-fetch
  • [x] draw over other apps
    • android.permission.SYSTEM_ALERT_WINDOW required by react-native (also requested by textile-mobile)
  • [x] prevent device from sleeping
    • android.permission.WAKE_LOCK requested by firebase, uploadservice, android-job

Note that ShortcutBadger seems to require a lot of device specific permissions

[carsonfarmer]

Now the question becomes, can we remove any of these libs?

• We should really try to avoid android.permission.GET_TASKS, as This permission was deprecated in API level 21.
• I don't think we can remove android.permission.SYSTEM_ALERT_WINDOW (because we're using react-native) even though the docs say: "Very few apps should use this permission; [...]"
• Seems like we could not require android.permission.RECEIVE_BOOT_COMPLETED if we tweak react-native-background-fetch?
• Seems like android.permission.READ_PHONE_STATE might make some people nervous? Do we really need this for lifecycle and crashlytics (as in, can we tweak this one while still using them)?
• I could also see folks nervous about android.permission.ACCESS_FINE_LOCATION especially if they are using Textile Photos for security/privacy reasons... but not sure there's a way around this unless we don't use background wakeups?

[carsonfarmer]

We have documented the required permissions here on the wiki: https://github.com/textileio/textile-mobile/wiki/Android-Permissions as issues are created to remove and/or modify a given permission, we can update the wiki to reflect this. Users should be linked to the wiki article to give some guidance on why and where permissions are required.

[carsonfarmer]

I'm going to close this given the above wiki page. Please reopen if you think this needs to be discussed further. The TL;DR here is that this will have to be an ongoing 'chore' to slowly eliminate permissions that are no longer required.

[akavel]

@carsonfarmer @andrewxhill Can this be left open as a summary/overview "tracking issue"? Or if not, can you create particular fine-grained issues for each of the permissions separately? Or do you want me to create them, for the ones I'm concerned about? (edit: I think the last one would probably make most sense — this way I'd be able to easily monitor if/when you resolve them, and also not bother you with permissions I don't care so much about?)

As much as I respect your last comment as an expression of intention to fix those, this also leaves me with no good way to track progress on this, and it's important to me exactly because I'm interested in using Textile because of "privacy reasons". (Otherwise, I could just go with Google Drive for backup, isn't that so?) In particular, on the wiki page, I currently see only one link to one "ticket" for one of the "sub-issues", so that's the only thing I can easily track now. How will I know when the permissions will get simplified and I'll be able to stop feeling uneasy and start using Textile? Can you please help me with this?

(Also, apparently GitHub doesn't let me reopen this ticket even if I wanted, just so you'd know.)

[andrewxhill]

just re-opening this for now as per @akavel's request

[andrewxhill]

Okay, just saw similar permissions in the Textile Notes app and realized it must be from React Native. Found this,

https://facebook.github.io/react-native/docs/removing-default-permissions

Looks like we should be able to get rid of a bunch of them.