Android requires super user for deleting, modifying or reading anything in the root directory except system which is read only.
However, I have noticed that even without a rooted device, some applications are able to take advantage of these processes. For example, Norton is able to do device wipes on non-rooted phones. Is there a way to grant my application similar access?
An application with Administrator Rights can use the Device Administration API. This API offers the ability to wipe the device.
Using this, it doesn't need any super-user permissions, it only needs device administrator rights.
To summarize how to use the Device Administration API:
You need a resource file declaring policies needed by your app
<device-admin xmlns:android="http://schemas.android.com/apk/res/android">
<uses-policies>
<wipe-data />
</uses-policies>
</device-admin>
You need to implement a DeviceAdminReceiver to react to various administration event your app is interested in. (an empty implementation can be enough if you are only interested in wipe-device) (more details on how to setup this receiver: here)
You need the BIND_DEVICE_ADMIN permission
At some point (probably at start up) your app must trigger ACTION_ADD_DEVICE_ADMIN to ask to the user to grant "Device Administration Rights" to your app. (once those rights are granted, there is no reason to ask them again. The user always have the ability to un-grant those rights from the Settings app)
When your setup is correct (and if the user grant Device Admin rights to your app), you can invoke the DevicePolicyManager:
DevicePolicyManager devicePolicyManager = (DevicePolicyManager) context.getSystemService(Context.DEVICE_POLICY_SERVICE);
devicePolicyManager.wipeData(0);
Note that an app with device administrator rights cannot be un-installed. The user needs to manually remove those rights (with the Settings app) before being able to un-install it.
Related
For context, the Android documentation says that some app classes receive the SYSTEM_ALERT_WINDOW permission automatically on request:
Any app that has ROLE_CALL_SCREENING and requests SYSTEM_ALERT_WINDOW automatically receives the permission. If the app misses ROLE_CALL_SCREENING, it loses permission.
Any app that is capturing the screen using a MediaProjection and requests SYSTEM_ALERT_WINDOW automatically receives permission, unless explicitly denied by the user. When the app stops capturing the screen, it loses permission. This use case is primarily intended for apps to stream games live.
How can I achieve this configuration to be able to obtain this permission automatically or by default?
As the documentation you quoted says, if you don't fit into one of those use cases, you can't.
It needs to be explicitly granted, and not all devices even support it.
This is because being able to draw over the screen whenever the app wants opens the door to bad behaviors, such as disguising other parts of the UI or preventing the using from using the device properly.
I've been looking into how to restrict access to certain apps, track location, restrict phone calls on an android device and have that dictated remotely. I've come across integrating an Enterprise Mobility Management (EMM) or Mobile Device Management (MDM) solution so I was just wondering if that is the only option here?
Well, Google has its own EMM called Android Enterprise, it offers some features as app restrictions, managed configurations, policies, etc. In backend you can catch all responses from device (ex. GPS). Sometimes if you need a specific feature you will depend from Google's team.
Also, some companies has a DPC app (Device Policy Controller), that app can control almost all feature in your device and send a lot of information to MDM or EMM, this app is configured as Device Owner. In this option, you have to develop MDM backend and DPC app as you need them.
I have just completed my app which I have React Native using Expo. It is my first time uploading an APP to Play Store. After I got finished uploading my APP and all the requirements I got an Email from Google that my APP got Rejected, and I have no idea how to fix the issues they have listed.
=====================================================================
Here are the reasons:
The declared function DEVICE_AUTOMATION is allowed, but not approved for the specific permissions that are listed in your manifestREAD_SMS . These excess permissions READ_SMS must be removed from your app manifest
The declared functionality DEVICE_AUTOMATION is determined to be unnecessary or not aligned with the core functionality of your app.
=====================================================================
Any help would be grateful.
Best Regards
Musayyab
Starting from Jan 9, 2019, Google starts restricts the use of high risk or sensitive permission including SMS or Call Log.
According to mail, you can't use READ_SMS permission in your application. (It does not matter what application make by whatever language) Indeed, Google just judge 'Your application doesn't need READ_SMS function'.
If you tried to use READ_SMS as OTP(or Phone Authentication), You can use SMS Retriever API to achieve almost same feature.
In other cases, there are no alternatives available at this time.
Android apps have something called Permissions which the app tell s the phone what it would like to do. The purpose of these is to protect the privacy of the Android User.
Google Play has recently got stricter in what apps it will allow to use some of these permissions, as they are often used by abusive apps. One of these permissions is READ_SMS. If an app is granted this permission it is allowed to read all of the users SMS messages.
It sounds from your comment like you don't want your app to read the users SMS messages. So in this case the check worked - your app was asking for a permission it didn't need. You should remove the request for the READ_SMS permission from your app.
There are instructions on editing the permissions in a react native app here. So possibly you added this permission to your AndroidManifest.xml file. If you did, then you should remove it.
If you didn't add it yourself, it is a possible a bad third-party library you added to your app added the permission. If so you should stop using that library.
I am developing an APP wanted to connect the GPS device, in fact, I do not want to prompt the user to manually activate would like to do automatically is it possible?
I know to ask the user to activate it manually now connect the GPS without request can not my app works with root access, if it has something that can be done with root it will also be valid
The android platform relies upon permissions, you can most certainly use the GPS in your app, but the user will be notified at first use. After the user accepts your permission your app will be allowed to use GPS in background
In my app, I need to use android.permission.SYSTEM_ALERT_WINDOW permission. Now I know to go to setting to open it. But some of the application is automatically opened. I want to know how to do it
If i got it right, you want to ask the user for some permissions on app launch. There's a great library to help you do that in Android :
Github link for the Permission dispatcher library
You can also check these libraries :
App-Runtime-Permissions-Android
Assent
MarshmallowPermissionManager
Every app that requests the SYSTEM_ALERT_WINDOW permission and that is installed through the Play Store (version 6.0.5 or higher is required), will have granted the permission automatically.
If instead the app is sideloaded, the permission is not automatically granted. You can try to download and install the Evernote APK from apkmirror.com. As you can see you need to manually grant the permission in Settings -> Apps -> Draw over other apps.
It is a new behaviour introduced in Marshmallow 6.0.1.
If you want the app to be sideloaded, you show manually show a prompt and direct the user to enable Draw over other apps permissions from the settings. Have a look at Requesting permissions