question on permissions

[IzzySoft]

At IzzyOnDroid, the scanner reported

! repo/com.github.warren_bank.bonjour_webrtc_1040021.apk declares flag(s): usesCleartextTraffic
! repo/com.github.warren_bank.bonjour_webrtc_1040021.apk declares sensitive permission(s):
  android.permission.CAMERA android.permission.RECORD_AUDIO
  android.permission.SYSTEM_ALERT_WINDOW android.permission.READ_EXTERNAL_STORAGE*

I guess cleartext traffic is only for connections in the local network, so I've put that to the app's "green list" with that explanation. Also straight to the "green list" went the CAMERA and RECORD_AUDIO permissions, which are clearly needed for video calls. Could you please clarify the other two? Note: the asterisk at android.permission.READ_EXTERNAL_STORAGE* indicates this permission was granted implicitly due to the app requesting the WRITE permission – which is also unclear for me why it's needed.

Thanks in advance!

[warren-bank]

• this commit adds SYSTEM_ALERT_WINDOW
  • feature: present the user with a dialog to announce an inbound call
• Google's official example app includes WRITE_EXTERNAL_STORAGE
  • grepping through the code (which is largely unmodified), I can see several classes that use File related APIs
  • CallActivity can read from a video file to emulate the camera during a call
  • RecordedAudioToFileController opens an output stream to save recorded audio
  • CpuMonitor opens an input stream to: "/sys/devices/system/cpu/present"
  • RtcEventLog saves a log of events to an output file
  • every class from the original example app that's included in my app is used in some way, otherwise it would be removed
  • having said that, I can't say for certain whether or not any of these features can be accessed and enabled by the user
  • regardless, leaving these files unmolested makes merging updates much easier
    • this recent release was prompted by a user asking for such updates,
      as the app hadn't been updated in several years
    • being able to diff and rebase made my life so much easier than if I did all of that work by hand

[IzzySoft]

present the user with a dialog to announce an inbound call

Thanks! Added to the "green list".

As for storage: if you don't use any of those listed activities, and they cannot be activated/triggered via the app, it should be safe to omit the permission I'd say. Worst case, any of those features are indeed addressed and raise an exception – and you can decide whether to catch it or to add the permission back (and have me add it to the "green list" with a proper reason).

Your app, so your say. If you do not want to go through that trouble, just give me a short description what to put as reason for the green-listing (max ~50 chars).

[warren-bank]

I haven't tested this app in many years.. so my saying that I don't remember what features are available isn't to say that they don't exist in the app; they're probably all accessible through the app settings.. which are the same as upstream.

This app is pretty much a superset of the original/upstream app. When I was reading its code (ages ago), I noticed that it supports direct IP-to-IP connections to completely bypass any required signalling. Based on this observation, I though it would be useful to add local discovery over a LAN using mDNS. That functionality is what I've added. If Google says it needs those other permissions, then I'm inclined to believe them.

I trust you.. whatever description you think is helpful to your users is good by me.

[IzzySoft]

Thanks Warren! So let's put it like this:

android.permission.CAMERA: required for video calls
android.permission.RECORD_AUDIO: required for video calls
android.permission.SYSTEM_ALERT_WINDOW: used to present a dialog to announce an inbound call
android.permission.READ_EXTERNAL_STORAGE: implicitly granted due to the WRITE permission
android.permission.WRITE_EXTERNAL_STORAGE: needed by some features of the WebRTC API

I just put that live now. If I should adjust something, just let me know.