Commit b8dbdc29 authored by Chris Palmer
Clarify the danger of READ_LOGS and DUMP permissions.

The logs inevitably contain PII, so now we are making that clear in user
strings and developer docs. Moving DUMP and READ_LOGS into the PERSONAL_INFO
group.

Note that this means we need string translations.

Change-Id: I1b5bf9d2d827ab1a31dedbdb30d0906a87c26a32
parent 24a2c2b5
+5 −6
@@ -590,8 +590,8 @@
    <!-- Allows an application to retrieve state dump information from system
    <!-- Allows an application to retrieve state dump information from system
         services. -->
         services. -->
    <permission android:name="android.permission.DUMP"
    <permission android:name="android.permission.DUMP"
        android:permissionGroup="android.permission-group.SYSTEM_TOOLS"
        android:permissionGroup="android.permission-group.PERSONAL_INFO"
        android:protectionLevel="dangerous"
        android:protectionLevel="signatureOrSystem"
        android:label="@string/permlab_dump"
        android:label="@string/permlab_dump"
        android:description="@string/permdesc_dump" />
        android:description="@string/permdesc_dump" />


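Review bot: the android:protectionLevel line of android.permission.DUMP differs between the two sides of this hunk ("dangerous" on one, "signatureOrSystem" on the other), but the commit message only describes moving DUMP into the PERSONAL_INFO group. A protection-level change decides which applications can hold the permission at all, so it should be stated in the commit message, and the comment above the permission ("Allows an application to retrieve state dump information from system services.") should say why, the way the READ_LOGS comment in the next hunk now does.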
@@ -840,11 +840,10 @@
        android:description="@string/permdesc_clearAppCache" />
        android:description="@string/permdesc_clearAppCache" />


    <!-- Allows an application to read the low-level system log files.
    <!-- Allows an application to read the low-level system log files.
         These can contain slightly private information about what is
         Log entries can contain the user's private information,
         happening on the device, but should never contain the user's
         which is why this permission is 'dangerous'. -->
         private information. -->
    <permission android:name="android.permission.READ_LOGS"
    <permission android:name="android.permission.READ_LOGS"
        android:permissionGroup="android.permission-group.SYSTEM_TOOLS"
        android:permissionGroup="android.permission-group.PERSONAL_INFO"
        android:protectionLevel="dangerous"
        android:protectionLevel="dangerous"
        android:label="@string/permlab_readLogs"
        android:label="@string/permlab_readLogs"
        android:description="@string/permdesc_readLogs" />
        android:description="@string/permdesc_readLogs" />
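Review bot: android.permission.READ_LOGS keeps android:protectionLevel="dangerous" on both sides, while the rewritten comment now says log entries can contain the user's private information. With DUMP appearing as "signatureOrSystem" in the previous hunk, the two permissions end up with different levels for the same stated risk; either explain in this comment why READ_LOGS stays grantable on user approval, or align the two. Since this comment feeds the developer docs, it would also help to add a sentence telling application authors not to write private user data to the log in the first place.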
+3 −3
@@ -704,12 +704,12 @@
    <string name="permdesc_movePackage">Allows an application to move application resources from internal to external media and vice versa.</string>
    <string name="permdesc_movePackage">Allows an application to move application resources from internal to external media and vice versa.</string>


    <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <string name="permlab_readLogs">read system log files</string>
    <string name="permlab_readLogs">read sensitive log data</string>
    <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <string name="permdesc_readLogs">Allows an application to read from the
    <string name="permdesc_readLogs">Allows an application to read from the
        system\'s various log files.  This allows it to discover general
        system\'s various log files.  This allows it to discover general
        information about what you are doing with the phone, but they should
        information about what you are doing with the phone, potentially
        not contain any personal or private information.</string>
        including personal or private information.</string>


    <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <string name="permlab_diagnostic">read/write to resources owned by diag</string>
    <string name="permlab_diagnostic">read/write to resources owned by diag</string>
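Review bot: only permlab_readLogs and permdesc_readLogs change in this hunk, yet the commit title covers DUMP as well and the manifest hunk still points DUMP at @string/permlab_dump and @string/permdesc_dump. If those strings are meant to warn about private data too, they need the same update here; if not, say so in the commit message. In permdesc_readLogs, "general information about what you are doing with the phone, potentially including personal or private information" reads as a hedge after the new label "read sensitive log data"; consider stating directly that the logs may contain personal or private information.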