report elevated privileges: installer, accessibility, VPN, and input method
There are four key types of elevated privileges: installer, accessibility, VPN, and input method. @IzzySoft mapped out some new methods for checking them in https://www.kuketz-blog.de/android-apps-auf-dem-seziertisch-eine-vertiefte-betrachtung/ and IzzyOnDroid/repo#475 (closed) I expanded on that.
The installer permissions can be used to do things like self-update and include non-free software. So when they are present, their usage should be reviewed by a human. The list here was generated by all perms with "INSTALL" in the name or with protectionLevel
"installer
".
The list of permissions was generated by this python snippet:
import requests
r = requests.get('https://gitlab.com/fdroid/fdroid-website/-/raw/master/_data/android_permissions.json')
r.raise_for_status()
for k, v in r.json().items():
if 'INSTALL' in k or 'installer' in v.get('protectionLevel', ''):
print(" r'%s'," % k)
@jugendhacker @linsui @licaon-kter
The results look like:
cleartextTrafficPermitted |
|
---|---|
<base-config cleartextTrafficPermitted="true" /> |
|
intent-filters |
|
android.accessibilityservice.AccessibilityService |
|
Edited by Hans-Christoph Steiner