Clarify the danger of READ_LOGS and DUMP permissions.

The logs inevitably contain PII, so now we are making that clear in user
strings and developer docs. Moving DUMP and READ_LOGS into the PERSONAL_INFO
group.

Note that this means we need string translations.

Change-Id: I1b5bf9d2d827ab1a31dedbdb30d0906a87c26a32
Chris Palmer
2010-09-15 10:45:31 -07:00
parent 24a2c2b596
commit b8dbdc293a
2 changed files with 8 additions and 9 deletions

@ -590,8 +590,8 @@
<!-- Allows an application to retrieve state dump information from system
services. -->
<permission android:name="android.permission.DUMP"
android:permissionGroup="android.permission-group.SYSTEM_TOOLS"
android:protectionLevel="dangerous"
android:permissionGroup="android.permission-group.PERSONAL_INFO"
android:protectionLevel="signatureOrSystem"
android:label="@string/permlab_dump"
android:description="@string/permdesc_dump" />
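Review bot: The DUMP entry changes android:protectionLevel as well as the group (the hunk carries both "dangerous" and "signatureOrSystem"), but the commit message only describes the move into PERSONAL_INFO. Please call out the protection-level change in the message, since it changes which applications can hold the permission. The strings hunk in this change touches only the readLogs strings, so permlab_dump and permdesc_dump keep their old wording while the permission now sits in PERSONAL_INFO; update them or say why they can stay.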
@ -840,11 +840,10 @@
android:description="@string/permdesc_clearAppCache" />
<!-- Allows an application to read the low-level system log files.
These can contain slightly private information about what is
happening on the device, but should never contain the user's
private information. -->
Log entries can contain the user's private information,
which is why this permission is 'dangerous'. -->
<permission android:name="android.permission.READ_LOGS"
android:permissionGroup="android.permission-group.SYSTEM_TOOLS"
android:permissionGroup="android.permission-group.PERSONAL_INFO"
android:protectionLevel="dangerous"
android:label="@string/permlab_readLogs"
android:description="@string/permdesc_readLogs" />
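Review bot: READ_LOGS stays at android:protectionLevel="dangerous" while DUMP, which the commit message puts in the same PII category, is moved to "signatureOrSystem" in the previous hunk. If the difference is intentional, the comment should say why log access remains requestable by any application while state dumps do not; otherwise consider giving both the same level. The phrase "which is why this permission is 'dangerous'" also repeats the attribute value in prose and will go stale if the level changes later, so I would describe the risk in the comment and let the attribute carry the level.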

@ -704,12 +704,12 @@
<string name="permdesc_movePackage">Allows an application to move application resources from internal to external media and vice versa.</string>
<!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
<string name="permlab_readLogs">read system log files</string>
<string name="permlab_readLogs">read sensitive log data</string>
<!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
<string name="permdesc_readLogs">Allows an application to read from the
system\'s various log files. This allows it to discover general
information about what you are doing with the phone, but they should
not contain any personal or private information.</string>
information about what you are doing with the phone, potentially
including personal or private information.</string>
<!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
<string name="permlab_diagnostic">read/write to resources owned by diag</string>
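Review bot: The new permdesc_readLogs text still opens with "general information about what you are doing with the phone" and only then adds "potentially including personal or private information", which is softer than the manifest comment's "Log entries can contain the user's private information". Suggest dropping "general" and stating directly that the logs can contain personal or private information. The commit message notes that translations are needed, and only the default strings change here, so any localized permlab_readLogs and permdesc_readLogs will keep the old "should not contain" wording until they are refreshed; a follow-up reference for that work would help.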