Android Tutorial 115
include only the permissions required to run. The user is informed
what permissions each Android application requires at install time.
You might find that, in certain cases, permissions are not enforced
(you can operate without the permission). In these cases, it is
prudent to request the permission anyway for two reasons. First,
the user is informed that the application is performing those
sensitive actions, and second, that permission could be enforced in
a later SDK version.
Registering Permissions Your Application Grants to Other
Applications
Applications can also define their own permissions by using the
to specific application components, such as Activities, using the
android:permission attribute.
Permissions can be enforced at several points:
When starting an Activity or Service
When accessing data provided by a content provider
At the function call level
When sending or receiving broadcasts by an IntentPermissions can have three primary protection levels: normal,
dangerous, and signature. The normal protection level is a good
default for fine-grained permission enforcement within the
application. The dangerous protection level is used for higherrisk
Activities, which might adversely affect the device. Finally, the
signature protection level permits any application signed with the