How to determine obsolete permissions?

Question

How to determine obsolete permissions?

I am working on an android application with a huge source code base. I do not like that my application requires more than a few permissions, and I began to suspect that there are several that are outdated and no longer needed.

Question - How to determine if this is really, and which are really out of date?

I tried to remove the suspicious permission and recompile it (using Eclipse Juno), and hoped that it was compiled to mark it as an error or warning, but it is not.

He also tried to explicitly run Lint in code, and he also did not find it.

An application compiled and run on the device, and, I think, this will lead to an exception of the runtime environment with AccessDenied when the corresponding API will be called with some stream of code.

Is there an efficient way to detect this API without looking at the entire source code or running the application in multiple scenarios?

Thank!

+5

java android deprecated manifest permissions

Dekel Jul 2 '12 at 15:50

source share

4 answers

Ejp · Answer 1 · 2012-07-03T02:23:42+0000

Run your code with -Djava.security.debug = access, fail. This will show you all the permissions that are actually used.

Geobits · Answer 2 · 2012-07-02T16:25:40+0000

Unfortunately, the short answer is no. There is no automated way to detect it. The only proven and proven methods are removing permissions one by one and testing, or checking your code for verification.

, . , script, . API.

Chris Stratton · Answer 3 · 2012-07-03T02:29:15+0000

, .

, , , , .

, , , , , , Java-. ( SO) , ; , .

Lebleu · Answer 4 · 2012-08-23T14:17:22+0000

I don’t know how well this works, but it seems that some researchers from UC Berkeley are working on a project for scanning Android applications and show what permissions they use. Additional information at http://www.android-permissions.org/

How to determine obsolete permissions?

More articles: