Android权限列表(基于Android 14)

03-31 1073阅读

一、简介

权限的目的为了保护用户隐私,应用在访问一些敏感数据时,必须事先取得用户授权后才能使用,比如:比如读取sdcard、访问通讯录等。

Android权限列表(基于Android 14)
(图片来源网络,侵删)

在Android6.0之前的设备上,系统不会提醒用户正在获取的权限。一旦安装应用,就意味着该应用所需的所有权限均已经得到授权。在这种情况下应用可以自由收集用户隐私信息。或者随意发送短信。为了解决这个问题在Android6.0之后的设备上,应用需要动态授权,当需要使用某个权限时,会弹出一个提醒框来征求用户意见,只有取得用户同意后才能继续使用。

二、权限分类

android中所有的预定义权限(不包括厂商自定义的)都可以在Manifest.permission这个静态类中找到定义,android把权限分为三大类:普通权限、危险权限、特殊权限,每一种类型的权限都分配一个对应的Protection Level,分别为:normal、dangerous、appop和signature等,下面简单介绍一下这几种类型的权限:

1.普通权限

普通权限也叫正常权限,Protection Level为normal,它不需要动态申请,你只需要在AndroidManifest.xml中静态地声明,然后系统在应用安装时就会自动的授予该应用相应的权限,当应用获得授权时,它就可以访问应用沙盒外受该普通权限保护地数据或操作,这些数据或操作不会泄漏或篡改用户的隐私,对用户或其他应用几乎没有风险。

以下列出所有普通权限:

权限引入版本APIProtection Level
FOREGROUND_SERVICE_SPECIAL_USE14.034normal|appop|instant
FOREGROUND_SERVICE_CAMERA14.034normal|instant
FOREGROUND_SERVICE_CONNECTED_DEVICE14.034normal|instant
FOREGROUND_SERVICE_DATA_SYNC14.034normal|instant
FOREGROUND_SERVICE_HEALTH14.034normal|instant
FOREGROUND_SERVICE_LOCATION14.034normal|instant
FOREGROUND_SERVICE_MEDIA_PLAYBACK14.034normal|instant
FOREGROUND_SERVICE_MEDIA_PROJECTION14.034normal|instant
FOREGROUND_SERVICE_MICROPHONE14.034normal|instant
FOREGROUND_SERVICE_PHONE_CALL14.034normal|instant
FOREGROUND_SERVICE_REMOTE_MESSAGING14.034normal|instant
FOREGROUND_SERVICE_SYSTEM_EXEMPTED14.034normal|instant
ACCESS_LOCATION_EXTRA_COMMANDS1.0(Base)1normal
ACCESS_NETWORK_STATE1.0(Base)1normal
ACCESS_NOTIFICATION_POLICY6.0(Marshmallow)23normal
ACCESS_WIFI_STATE1.0(Base)1normal
BLUETOOTH1.0(Base)1normal
BLUETOOTH_ADMIN1.0(Base)1normal
BROADCAST_STICKY1.0(Base)1normal
CALL_COMPANION_APP10.0(Q)29normal
CHANGE_NETWORK_STATE1.0(Base)1normal
CHANGE_WIFI_MULTICAST_STATE1.6(Donut)4normal
CHANGE_WIFI_STATE1.0(Base)1normal
CREDENTIAL_MANAGER_QUERY_CANDIDATE_CREDENTIALS14.034normal
CREDENTIAL_MANAGER_SET_ALLOWED_PROVIDERS14.034normal
CREDENTIAL_MANAGER_SET_ORIGIN14.034normal
DETECT_SCREEN_CAPTURE14.034normal
DISABLE_KEYGUARD1.0(Base)1normal
ENFORCE_UPDATE_OWNERSHIP14.034normal
EXPAND_STATUS_BAR1.0(Base)1normal
FOREGROUND_SERVICE9.0(Pie)28normal
GET_PACKAGE_SIZE1.0(Base)1normal
HIGH_SAMPLING_RATE_SENSORS12.0(S)31normal
INSTALL_SHORTCUT4.4(KitKat)19normal
INTERNET1.0(Base)1normal
KILL_BACKGROUND_PROCESSES2.2(Froyo)8normal
MANAGE_OWN_CALLS8.0(Oreo)26normal
MODIFY_AUDIO_SETTINGS1.0(Base)1normal
NFC2.3(Gingerbread)9normal
NFC_PREFERRED_PAYMENT_INFO11.0(R)30normal
NFC_TRANSACTION_EVENT9.0(Pie)28normal
QUERY_ALL_PACKAGES11.0(R)30normal
READ_SYNC_SETTINGS1.0(Base)1normal
READ_SYNC_STATS1.0(Base)1normal
RECEIVE_BOOT_COMPLETED1.0(Base)1normal
REORDER_TASKS1.0(Base)1normal
REQUEST_COMPANION_PROFILE_GLASSES14.034normal
REQUEST_COMPANION_PROFILE_WATCH12.0(S)31normal
REQUEST_COMPANION_RUN_IN_BACKGROUND8.0(Oreo)26normal
REQUEST_COMPANION_START_FOREGROUND_SERVICES_FROM_BACKGROUND12.0(S)31normal
REQUEST_COMPANION_USE_DATA_IN_BACKGROUND8.0(Oreo)26normal
REQUEST_DELETE_PACKAGES8.0(Oreo)26normal
REQUEST_IGNORE_BATTERY_OPTIMIZATIONS6.0(Marshmallow)23normal
REQUEST_PASSWORD_COMPLEXITY10.0(Q)29normal
RUN_USER_INITIATED_JOBS14.034normal
SET_ALARM2.3(Gingerbread)9normal
SET_WALLPAPER1.0(Base)1normal
SET_WALLPAPER_HINTS1.0(Base)1normal
TRANSMIT_IR4.4(KitKat)19normal
UPDATE_PACKAGES_WITHOUT_USER_ACTION12.0(S)31normal
USE_BIOMETRIC9.0(Pie)28normal
USE_FINGERPRINT+6.0(Marshmallow)-9.0(Pie)+23-28normal
USE_FULL_SCREEN_INTENT10.0(Q)29normal
VIBRATE1.0(Base)1normal
WAKE_LOCK1.0(Base)1normal
WRITE_SYNC_SETTINGS1.0(Base)1normal

2.危险权限

危险权限也叫运行时权限,Protection Level为dangerous,跟普通权限相反,一旦应用获取了该类权限,用户的隐私数据就会面临被泄露或篡改的风险,所以如果你想使用该权限保护的数据或操作,就必须在AndroidManifest.xml中静态地声明需要用到的危险权限,并在访问这些数据或操作前动态的申请权限,系统就会弹出一个权限请求弹窗征求用户的同意,除非用户同意该权限,否则你不能使用该权限保护的数据或操作。

所有的危险权限都有对应的权限组,android预定义了15个权限组(根据android 14总结),这15个权限组中包含了41个危险权限和几个普通权限,当我们动态的申请某个危险权限时,都是按权限组申请的,当用户一旦同意授权该危险权限,那么该权限所对应的权限组中的其他在AndroidManifest.xml中注册的权限也会同时被授权,android预定义的15个权限组包含的危险权限如下:

权限组名引入版本API权限引入版本API
ACTIVITY_RECOGNITION(识别用户活动)10.0(Q)29ACTIVITY_RECOGNITION10.0(Q)29
CALENDAR(日历)4.2(Jelly Bean)17READ_CALENDAR1.0(Base)1
WRITE_CALENDAR1.0(Base)1
CALL_LOG(通话记录)9.0(Pie)28PROCESS_OUTGOING_CALLS1.0(Base)+10.0(Q)-1+ 29-
READ_CALL_LOG4.1(Jelly Bean)16
WRITE_CALL_LOG4.1(Jelly Bean)16
CAMERA(相机)4.2(Jelly Bean)17CAMERA1.0(Base)1
CONTACTS(联系人)6.0(Marshmallow)23READ_CONTACTS1.0(Base)1
GET_ACCOUNTS1.0(Base)1
WRITE_CONTACTS1.0(Base)1
LOCATION(位置)1.0(Base)1ACCESS_BACKGROUND_LOCATION10.0(Q)29
ACCESS_COARSE_LOCATION1.0(Base)1
ACCESS_FINE_LOCATION1.0(Base)1
MICROPHONE(麦克风)4.2(Jelly Bean)17RECORD_AUDIO1.0(Base)1
NEARBY_DEVICES(附近的蓝牙设备)12.0(S)31BLUETOOTH_ADVERTISE12.0(S)31
BLUETOOTH_CONNECT12.0(S)31
BLUETOOTH_SCAN12.0(S)31
NOTIFICATIONS(通知)13.0(Tiramisu)33POST_NOTIFICATIONS13.0(Tiramisu)33
PHONE(手机)6.0(Marshmallow)23ACCEPT_HANDOVER9.0(Pie)28
ADD_VOICEMAIL4.0(IceCreamSandwich)14
ANSWER_PHONE_CALLS8.0(Oreo)26
CALL_PHONE1.0(Base)1
READ_PHONE_NUMBERS8.0(Oreo)26
READ_PHONE_STATE1.0(Base)1
USE_SIP2.3(Gingerbread)9
READ_MEDIA_AURAL(读取音频)13.0(Tiramisu)33
READ_MEDIA_VISUAL(读取图像和视频)13.0(Tiramisu)33
SENSORS(传感器)6.0(Marshmallow)23BODY_SENSORS4.4W(KitKat Wear)20
BODY_SENSORS_BACKGROUND13.0(Tiramisu)33
SMS(短信)6.0(Marshmallow)23READ_SMS1.0(Base)1
RECEIVE_MMS1.0(Base)1
RECEIVE_SMS1.0(Base)1
RECEIVE_WAP_PUSH1.0(Base)1
SEND_SMS1.0(Base)1
STORAGE(存储卡)1.6(Donut)4READ_EXTERNAL_STORAGE4.1(Jelly Bean)16
READ_MEDIA_AUDIO13.0(Tiramisu)33
READ_MEDIA_IMAGES13.0(Tiramisu)33
READ_MEDIA_VIDEO13.0(Tiramisu)33
READ_MEDIA_VISUAL_USER_SELECTED14.034
WRITE_EXTERNAL_STORAGE1.6(Donut)4
ACCESS_MEDIA_LOCATION10.0(Q)29
NEARBY_WIFI_DEVICES13.0(Tiramisu)33
UWB_RANGING12.0(S)31

3.特殊权限

特殊权限用于保护一些特定的应用程序操作,Protection Level为appop(应用操作)、installer(安装程序)、role(职责)、privileged(特权)、signature(签名)等。

· 应用操作

Protection Level为appop,使用前也需要在AndroidManifest.xml中静态地声明,也需要动态的申请,但是它不同于危险权限的申请,危险权限的申请会弹出一个对话框询问你是否同意,而此权限的申请需要跳转到指定的设置界面,让你手动点击toggle按钮确认是否同意

· 签名权限

Protection Level为signature,只对拥有相同签名的应用开放,它也不需要动态申请,例如应用A在AndroidManifest.xml中自定义了一个permission且在权限标签中加入android:protectionLevel=”signature”,表示应用A声明了一个签名权限,那么应用B想要访问应用A受该权限保护的数据时,必须要在AndroidManifest.xml中声明该权限,同时要用与应用A相同的签名打包,这样系统在应用B安装时才会自动地授予应用B该权限,应用B在获得授权后就可以访问该权限控制的数据,其他应用即使知道这个权限,也在AndroidManifest.xml中声明了该权限,但由于应用签名不同,安装时系统不会授予它该权限,这样其他应用就无法访问受该权限保护的数据。

还有一些签名权限不会供第三方应用程序使用,只会供系统预装应用使用,这种签名权限的Protection Level为signature和privileged。

· 特殊权限明细

以下列出所有特殊权限(按照appop、installer、role、privileged、signature顺序列出)

权限引入版本APIProtection Level
FOREGROUND_SERVICE_SPECIAL_USE14.034normal|appop|instant
INSTANT_APP_FOREGROUND_SERVICE8.0(Oreo)26signature|development|instant|appop
LOADER_USAGE_STATS11.0(R)30signature|privileged|appop
MANAGE_EXTERNAL_STORAGE11.0(R)30signature|appop|preinstalled
MANAGE_MEDIA12.0(S)31signature|appop|preinstalled
MANAGE_ONGOING_CALLS12.0(S)31signature|appop
PACKAGE_USAGE_STATS6.0(Marshmallow)23signature|privileged|development|appop|retailDemo
SCHEDULE_EXACT_ALARM12.0(S)31signature|privileged|appop
SMS_FINANCIAL_TRANSACTIONS10.0(Q)+12.0(S)-29+31-signature|appop
SYSTEM_ALERT_WINDOW1.0(Base)1signature|setup|appop|installer|pre23|development
USE_ICC_AUTH_WITH_DEVICE_IDENTIFIER12.0(S)31signature|appop
WRITE_SETTINGS1.0(Base)1signature|preinstalled|appop|pre23
START_VIEW_APP_FEATURES13.0(Tiramisu)33signature|installerinstaller
START_VIEW_PERMISSION_USAGE10.0(Q)29signature|installer
PROVIDE_REMOTE_CREDENTIALS14.034signature|privileged|role
READ_VOICEMAIL5.0(Lollipop)21signature|privileged|role
WRITE_VOICEMAIL5.0(Lollipop)21signature|privileged|role
EXECUTE_APP_ACTION14.034internal|role
LAUNCH_CAPTURE_CONTENT_ACTIVITY_FOR_NOTE14.034internal|role
MANAGE_DEVICE_LOCK_STATE14.034internal|role
PROVIDE_OWN_AUTOFILL_SUGGESTIONS14.034internal|role
SUBSCRIBE_TO_KEYGUARD_LOCKED_STATE13.0(Tiramisu)33signature|role
SUBSCRIBE_TO_KEYGUARD_LOCKED_STATE13.0(Tiramisu)33signature|role
READ_ASSISTANT_APP_SEARCH_DATA13.0(Tiramisu)33role
READ_HOME_APP_SEARCH_DATA13.0(Tiramisu)33role
BATTERY_STATS1.0(Base)1signature|privileged|development
CHANGE_CONFIGURATION1.0(Base)1signature|privileged|development
BIND_CALL_REDIRECTION_SERVICE10.0(Q)29signature|privileged
BIND_CARRIER_SERVICES6.0(Marshmallow)23signature|privileged
BIND_INCALL_SERVICE6.0(Marshmallow)23signature|privileged
BIND_REMOTEVIEWS3.0(Honeycomb)11signature|privileged
BIND_SCREENING_SERVICE7.0(Nougat)24signature|privileged
BIND_TELECOM_CONNECTION_SERVICE6.0(Marshmallow)23signature|privileged
BIND_TV_INPUT5.0(Lollipop)21signature|privileged
BIND_TV_INTERACTIVE_APP13.0(Tiramisu)33signature|privileged
BIND_VISUAL_VOICEMAIL_SERVICE8.0(Oreo)26signature|privileged
BIND_WALLPAPER2.2(Froyo)8signature|privileged
CLEAR_APP_CACHE1.0(Base)1signature|privileged
DELETE_CACHE_FILES1.0(Base)1signature|privileged
GET_ACCOUNTS_PRIVILEGED6.0(Marshmallow)23signature|privileged
GLOBAL_SEARCH1.6(Donut)4signature|privileged
BLUETOOTH_PRIVILEGED4.4(KitKat)19privileged
CALL_PRIVILEGED1.0(Base)1privileged
MANAGE_WIFI_NETWORK_SELECTION13.0(Tiramisu)33privileged
START_FOREGROUND_SERVICES_FROM_BACKGROUND12.0(S)31privileged
BIND_ACCESSIBILITY_SERVICE4.1(Jelly Bean)16signature
BIND_AUTOFILL_SERVICE8.0(Oreo)26signature
BIND_CARRIER_MESSAGING_CLIENT_SERVICE10.0(Q)29signature
BIND_CHOOSER_TARGET_SERVICE6.0(Marshmallow)+11.0(R)-23+30-signature
BIND_CONDITION_PROVIDER_SERVICE7.0(Nougat)24signature
BIND_CREDENTIAL_PROVIDER_SERVICE14.034signature
BIND_DEVICE_ADMIN2.2(Froyo)8signature
BIND_DREAM_SERVICE5.0(Lollipop)21signature
BIND_INPUT_METHOD1.5(Cupcake)3signature
BIND_MIDI_DEVICE_SERVICE6.0(Marshmallow)23signature
BIND_NFC_SERVICE4.4(KitKat)19signature
BIND_NOTIFICATION_LISTENER_SERVICE4.3(Jelly Bean)18signature
BIND_PRINT_SERVICE4.4(KitKat)19signature
BIND_QUICK_ACCESS_WALLET_SERVICE11.0(R)30signature
BIND_TEXT_SERVICE4.0(IceCreamSandwich)14signature
BIND_VOICE_INTERACTION5.0(Lollipop)21signature
BIND_VPN_SERVICE4.0(IceCreamSandwich)14signature
BIND_VR_LISTENER_SERVICE7.0(Nougat)24signature
REQUEST_INSTALL_PACKAGES6.0(Marshmallow)23signature
VPS购买请点击我

文章版权声明:除非注明,否则均为主机测评原创文章,转载或复制请以超链接形式并注明出处。

目录[+]