am b8dbdc29: Clarify the danger of READ_LOGS and DUMP permissions.

Merge commit 'b8dbdc293a8495a873a9c36353d6a9408c698256' into gingerbread-plus-aosp * commit 'b8dbdc293a8495a873a9c36353d6a9408c698256': Clarify the danger of READ_LOGS and DUMP permissions.
2010-09-15 17:33:22 -07:00
parent f8297ba011 b8dbdc293a
commit 1b60963c42
2 changed files with 8 additions and 9 deletions
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@ -590,8 +590,8 @@
    <!-- Allows an application to retrieve state dump information from system
         services. -->
    <permission android:name="android.permission.DUMP"
-        android:permissionGroup="android.permission-group.SYSTEM_TOOLS"
-        android:protectionLevel="dangerous"
+        android:permissionGroup="android.permission-group.PERSONAL_INFO"
+        android:protectionLevel="signatureOrSystem"
        android:label="@string/permlab_dump"
        android:description="@string/permdesc_dump" />

@ -840,11 +840,10 @@
        android:description="@string/permdesc_clearAppCache" />

    <!-- Allows an application to read the low-level system log files.
-         These can contain slightly private information about what is
-         happening on the device, but should never contain the user's
-         private information. -->
+         Log entries can contain the user's private information,
+         which is why this permission is 'dangerous'. -->
    <permission android:name="android.permission.READ_LOGS"
-        android:permissionGroup="android.permission-group.SYSTEM_TOOLS"
+        android:permissionGroup="android.permission-group.PERSONAL_INFO"
        android:protectionLevel="dangerous"
        android:label="@string/permlab_readLogs"
        android:description="@string/permdesc_readLogs" />
--- a/core/res/res/values/strings.xml
+++ b/core/res/res/values/strings.xml
@ -704,12 +704,12 @@
    <string name="permdesc_movePackage">Allows an application to move application resources from internal to external media and vice versa.</string>

    <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
-    <string name="permlab_readLogs">read system log files</string>
+    <string name="permlab_readLogs">read sensitive log data</string>
    <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <string name="permdesc_readLogs">Allows an application to read from the
        system\'s various log files.  This allows it to discover general
-        information about what you are doing with the phone, but they should
-        not contain any personal or private information.</string>
+        information about what you are doing with the phone, potentially
+        including personal or private information.</string>

    <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <string name="permlab_diagnostic">read/write to resources owned by diag</string>