Permission protection levels
At the application level, Android security is based on permissions. Using this permission-based model, the Android system protects system resources, such as camera and Bluetooth, and application resources, such as files and components. An application should have privileges to act upon or use these resources. Any application intending to use these resources needs to declare to the user that it will be accessing these resources. For example, if an application will be sending and reading a SMS, it will need to declare android.permission.SEND_SMS
and android.permission.READ_SMS
in the manifest file.
Permissions are also an effective method for access control between applications. An application's manifest file contains a list of permissions. Any external application that wishes to access this application's resources should possess these permissions. This is discussed in greater detail in the next chapter.
All Android permissions are declared as constants...