d4rken-org / capod

A companion app for AirPods on Android.
https://play.google.com/store/apps/details?id=eu.darken.capod
GNU General Public License v3.0
511 stars 43 forks

Question on permissions #192

Closed IzzySoft closed 6 months ago

IzzySoft commented 7 months ago

My scanner got a few additional checks back in January, and on today's update reports:

```
! repo/eu.darken.capod_21300000.apk declares sensitive permission(s):
  android.permission.SYSTEM_ALERT_WINDOW android.permission.ACCESS_BACKGROUND_LOCATION
  android.permission.ACCESS_COARSE_LOCATION android.permission.ACCESS_FINE_LOCATION
  android.permission.BLUETOOTH_SCAN
! repo/eu.darken.capod_21300000.apk contains signature block blobs: 0x504b4453 (DEPENDENCY_INFO_BLOCK; GOOGLE)
```

Could you please clarify what those permissions are needed for? Thanks in advance!

Oh, and that DEPENDENCY_INFO_BLOCK is easy to avoid:

```
android {
    dependenciesInfo {
        // Disables dependency metadata when building APKs.
        includeInApk = false
        // Disables dependency metadata when building Android App Bundles.
        includeInBundle = false
    }
}
```

For some background: that BLOB is supposed to be just a binary representation of your app's dependency tree. But as it's encrypted with a public key belonging to Google, only Google can read it – and nobody else can even verify what it really contains.

d4rken commented 7 months ago

> android.permission.ACCESS_COARSE_LOCATION android.permission.ACCESS_FINE_LOCATION

Access to BLE broadcasts is guarded behind location permissions in earlier Android versions, e.g. you could locate someone by scanning for nearby known broadcast sources.

> android.permission.ACCESS_BACKGROUND_LOCATION

Depending on what scan mode is used (e.g. not "only when app is open"), scanning happens in a background service without the app being open. Due to BLE again being grouped under "location", it's the same permission as the one for background GPS access.

I don't think I have tested how this interacts with the newer BLUETOOTH_SCAN permission, but for backwards compatibility, we can't drop this anyways :slightly_frowning_face:.

> android.permission.SYSTEM_ALERT_WINDOW

To display the pop-up window with battery info when the AirPods case is opened.

> android.permission.BLUETOOTH_SCAN

This is the new permission that replaces the location permission in newer Android versions.

CAPod needs both to support that range of Android versions.

> For some background: that BLOB is supposed to be just a binary representation of your app's dependency tree. But as it's encrypted with a public key belonging to Google, only Google can read it – and nobody else can even verify what it really contains.

Is it necessary for Google Play though? Only exclude it in one of the build flavors?

IzzySoft commented 7 months ago

Thanks for the details, Matthias! I was aware that location had something to do with Bluetooth on earlier Android versions but could not pin-point it out of my head. Set up all mentioned permissions with your explanations now, so no warnings for them anymore:

> Is it necessary for Google Play though? Only exclude it in one of the build flavors?

I don't know if it is necessary for Play Store – but maybe it doesn't hurt having it there. You could also just disable it for APKs, so if you upload AABs to Play they'd still have it.