Lets say I have an existing Android 11 ROM and I would like to add a priv-app app to the system with system level permissions. In order for this app to be able to write secure settings and become a device owner and so on. I would like to keep secure boot enabled. If I understand it correctly these apps need to be signed by the platform manufacturer's key which I do not have obviously. I do not want to use root or some sort of workarounds in magisk, XPosed/LSPosed module or a frida-script. but I can open the system.img and change or add files to it. Is it possible to add your own platform key or replace the existing key and then re-assign sign all current apps with it?

I'm trying to install WhatsApp, but I'm obviously uncomfortable about serving up my entire address book for Facebook to trawl through. I've found plenty of posts from a few years back saying it is possible, but I'm wondering if something has changed. On opening the app and going to the 'chats' screen, I'm greeted with a screen saying >To help you message friends and family on WhatsApp, allow WhatsApp access to your contacts along with a link to open my settings. If I push the green 'chat' button in the bottom right, I get a popup with the same message. If I hit the 'not now' option, it closes the popup and puts me back on the original screen. There doesn't seem to be a way forward here. Does this app just strong-arm you into uploading your contacts list in order to use it? Or is it potentially a more phone-specific issue?

I’ve got an android mobile phone. It’s a Xiaomi Redmi Note 9 Pro, with MIUI Global 12.0.1 (Android 11). I installed 3 applications for global position background tracing: - OruxMap - Komoot - View Ranger Only for OruxMap, in AppInfo, under the option “App permissions” > “Geolocalization”, I’ve got 4 options: - Allow always - Allow while the app is in use - Ask every time - Deny But **for the other apps I can’t find “Allow always”** and I’ve got only the other 3 options. I compared my situation with two friends with the same 3 apps on their smartphones. One friend never sees “Allow always” option. The other sees “Allow always” option for different applications. In order to grant background geolocalization for tracking purposes to the application of my choice, how can I visualize the “Allow always” option in the App Info for a specific application?

Three devices, created using a character driver (/dev/device1, /dev/device2, and /dev/device3), are not appearing in Android (AOSP 15). However, the same character driver functions correctly under Linux (via udev). The matching rule is included in ueventd.rc, and permissions have been enabled through the SELinux policy. Here is the file contents ueventd.rc /dev/device[0-9]* 0660 system system u:object_r:vendor_device:s0 my_device.te

type vendor_device, dev_type, mlstrustedobject;\
    allow system_app vendor_device:chr_file { read write open ioctl };

file_contexts /dev/device[0-9]* u:object_r:vendor_device:s0 It is expected to list the devices with below commands ls -l /dev/device* It is verified that the three devices entries are present at >$ ls /sys/dev/char/ | grep 250\ >250:0\ >250:1\ >250:2. Also verified that device_create API is success. Any thoughts?

I'm looking for some clarification regarding the AppCloud application that comes pre-installed on Samsung smartphones. From what I understand, it suggests and installs recommended apps, including ones I manually select through its interface. My concern is this: **When an app is installed through AppCloud, is it possible that the app receives the permissions it requests automatically, without any user interaction?** Normally, when I install an app via the Play Store and open it for the first time, Android prompts me to grant specific permissions (like access to the camera, location, etc.). However, since AppCloud appears to be a system-level app, I’m wondering if it has elevated privileges that allow it to bypass this standard permission behavior and grant permissions to apps silently. I’d appreciate any insights into whether this is technically possible—especially considering I’m using Android 14.

I have a Samsung Galaxy smartphone, it's configured in Dutch. When I want to see a PDF file, saved in my Downloads directory, it asks me which app to use, on which I choose "PDF-lezer", but it says to modify "machtiging" in "opslag" related configurations. Ok, this means that I need to open the configuration, go to app-configuration, choose the "PDF-lezer" app, and modify the corresponding "Machtiging" (permission) about "Opslag" (local saving). Problem: the "PDF-lezer" does not appear in the list of apps, there is nothing like "PDF..." in the app list. Question: how can I allow "PDF-lezer" to access files stored locally on my smartphone?

I use Redmi 9 Prime. On that, I use the Truecaller app. I want to use Truecaller only for calls and strictly not for SMS. So I never give SMS read permission to the Treucaller app. But still, sometimes Truecaller read new personal SMS. Till now did not see any service or OTP SMS in Truecaller. Don't know how come. What can be the reason or source for getting this possible? How can I stop Truecaller from strictly touching my SMS?

I've been using Every Proxy on my Samsung Galaxy S23 for a year with no problem, but today, it can't start the server and says that I must enable auto-start permission for Every Proxy Network Bridge. It says that it can be found in "Settings -> Manage Apps -> Permission -> Autostart", but there is no such submenu; I guess that the instructions are outdated. There is only "Settings -> Apps -> Network bridge -> Permissions" menu, and there is nothing about autostart or anything that I could change. Restarting the phone didn't help. I tried this , this , and this YouTube videos on enabling autostart, but again - it seems outdated. There are no menus like this and there is no "auto launch" settings. I found "Settings -> Apps -> Network bridge -> Battery" menu and set it to unrestricted - it didn't help. I found the never sleeping apps menu, but there is no Every Proxy app in the list, I guess it never sleeps anyway, and in any case I've been using it all the time, so there is no reason for it to sleep. How to enable auto-start permission on S23? P.S. I did try to clear cache and data and even to reinstall both Every Proxy and Every Proxy Bridge completely.

Can you please advise me how to grant APP's access to Music and Audio? Android version: ColorOS 15, OPPO As screenshots, the APP "Pydriod 3" is not listed to have access to Music and Audio (Settings, neither in Allowed nor Not Allowed). Seems no way to manage the Allowed or Not Allowed on the Music and Audio settings. The "..." on the top right is not helpful too. On the other hand, the APP itself, seems has no place to "ask for" the permission to access Music and Audio.

I use a Samsung Galaxy A13 (A135F) with Android 12. How could I change the microphone usage permission of an Android app from "**Allow only with the app in use**" to "**Always allow**"? In my case, it is for the Dolby On application.

I'm using Infinix Note 30 with Android 13. I'm currently trying to achieve location privacy on my phone. I have denied location permission for all apps (except system apps and Google Play Services, because I cannot disable it, it says device need permission to operate), I also disabled all "location services" because I figure these location services are collecting my location data. I only enable these services when I desperately need the GPS and disable them when I no longer need (the GPS is really bad without these location services, maybe it was intentional to punish user for disabling them by not adding necessary GPS feature to base android?). Then I realized apps still can track my location through "nearby device" feature in two ways: 1. By scanning for nearby device on my phone 2. By scanning for nearby device on other phone near me and figure out my approximate location if my phone was detected on that other phone Fixing 1 is easy, I simply deny nearby device permissions for all apps (except system apps, because I cannot disable it, it says device need permission to operate). I also disabled "Bluetooth scanning" to stop apps and services from scanning for nearby devices. Fixing 2 on the other hand, I cant find the option to disable nearby device feature. I only can deny nearby device permission for app in my phone, but I can't find the settings to disable nearby device feature to prevent other phone from scanning my phone. Does anyone know where is the settings to disable nearby device feature? Denying nearby device permission is not enough, I need to disable the nearby device feature itself.

Today, I installed WhatsApp, and I know that it wants to upload my complete contact list to its servers to see who else has WhatsApp, so it can create a contact list. I don't like this, and I prefer to give it just what it needs, maybe only five contacts for now. I have LBE Privacy installed, and it blocks the contact list for WhatsApp. The result is that WhatsApp doesn't work. Now I can of course remove the entire contact list except for those five contacts, then unblock it, let WhatsApp connect, then block WA again, and hope it works. If I open the contact list, and go to the setting which contacts to display, I see several options: all contacts, WhatsApp, Gmail-account, and phone. Choosing one of these, only these contacts are listed in the contact list. But I guess WhatsApp won't bother and use all contacts anyway. In the contact list, I have hundreds of contacts with email-addresses and no phone number. Will it upload those as well? And if I take a closer look at those lists, they are not properly organized, so limiting If I add a contact later, will WhatsApp know? Is there a way to handle this properly, let WhatsApp have the addresses it needs, without giving it all?

Following this question, https://android.stackexchange.com/q/248171/383919 , it is apparent that we need to be careful granting accessibility permission to an app. However, sometimes, it is needed. So I am trying to more precisely understand the particular risk of this. From my understanding, "accessibility" means "simulating physical interactions with the device". This means that, 1. Once the screen is locked it cannot access anything that requires the password to access. 2. if a 3rd party app tries to utilize the accessibility permission to access some specific information like some message displayed in an app, it must simulate what the user can do to enter that app, which inevitably let the user **see** what it is doing. 3. So the only way for the 3rd party accessibility app to get sensitive information is to wait until the user brings up the sensitive information to screen by himself/herself. (Or by typing a password, etc.) Therefore, can I say that, as long as the user is not using sensitive apps (like banking apps) or typing passwords at the time they are using the 3rd party app with accessibility permission, then there is no risk of leaking those sensitive data to the 3rd party app?

I found this on my phone and I would like to shut it down > com.samsung.android.permission.RETURN_REMOTE_INPUT_VOICE

I have installed GraphHopper with Termux. I have ~/storage/shared pointing to my SD card: ~ $ ls -l storage/ total 0 lrwxrwxrwx. 1 u0_a212 u0_a212 34 Oct 30 12:45 dcim -> /storage/emulated/0/DCIM lrwxrwxrwx. 1 u0_a212 u0_a212 34 Oct 30 12:45 downloads -> /storage/emulated/0/Download lrwxrwxrwx. 1 u0_a212 u0_a212 34 Oct 30 12:45 movies -> /storage/emulated/0/Movies lrwxrwxrwx. 1 u0_a212 u0_a212 34 Oct 30 12:45 music -> /storage/emulated/0/Music lrwxrwxrwx. 1 u0_a212 u0_a212 34 Oct 30 12:45 pictures -> /storage/emulated/0/Pictures lrwxrwxrwx. 1 u0_a212 u0_a212 34 Oct 30 12:45 shared -> /storage/emulated/0 My user is u0_a212 and here are the links to the cache on the SD card: ~ $ ls -l graphhopper total 44767 -rw-------. 1 u0_a212 u0_a212 3448 Oct 30 12:34 config.yml drwxr-xr-x. 2 u0_a212 u0_a212 3452 Oct 30 09:45 custom_models lrwxrwxrwx. 1 u0_a212 u0_a212 82 Oct 29 18:11 europe -> /data/data/com.termux/files/home/storage/shared/Documents/graphhopper/europe lrwxrwxrwx. 1 u0_a212 u0_a212 98 Oct 29 18:11 graph-cache -> /data/data/com.termux/files/home/storage/shared/Documents/graphhopper/graph-cache -rw-------. 1 u0_a212 u0_a212 45780835 May 5 17:52 graphhopper-web-9.1.jar drwx------. 2 u0_a212 u0_a212 3452 Oct 30 09:40 logs The problem is here: ~ $ ls -dl /data/data/com.termux/files/home/storage/shared/Documents/graphhopper/graph-cache drwx------. 2 u0_a189 u0_a189 3452 Oct 30 12:47 /data/data/com.termux/files/home/storage/shared/Documents/graphhopper/graph-cache ~ $ ls -l /data/data/com.termux/files/home/storage/shared/Documents/graphhopper/graph-cache ls: cannot open directory '/data/data/com.termux/files/home/storage/shared/Documents/graphhopper/graph-cache': Permission denied Unexpectedly, from Android root, the user is not the same. And if I try to change it with chown, I get a Permission denied. Why the user is different? Is there a solution to change it?

I have granted permission for Chrome to access my microphone and camera both online and within my phone. However, when I visit a website through Chrome that needs to use them, it will prompt me again. Despite selecting "Allow Access", it will deny me the privilege. Even at this exact moment, I can select and use voice-to-text; I can use the microphone via my keyboard. How do I fix this?

How does WhatsApp access my fingerprint? WhatsApp did not ask permission to use my fingerprint. Then how do they use my fingerprint for unlocking?

I have installed a clipboard manager, Clip Stack on my Android 11 phone. When the app is opened, the developer helpfully gives the message that background clipboard access has been blocked by Android 10 but he has found a workaround and to run the following ADB commands: >

> adb -d shell appops set com.catchingnow.tinyclipboardmanager SYSTEM_ALERT_WINDOW allow; 
> adb -d shell pm grant com.catchingnow.tinyclipboardmanager android.permission.READ_LOGS; 
> adb shell am force-stop com.catchingnow.tinyclipboardmanager;
>

I don't want to install Android Studio. I tried the following: 1. Enabled Developer Options on my phone and turned on USB debugging and Allow screen overlaps on settings 2. On my computer installed minimal_adb_fastboot_v1.4.3 3. Connected my phone to my computer via usb 4. Clicked on the desktop shortcut for Minimal ADB and Fastboot to open a cmd window 5. Ran adb -d shell appops set com.catchingnow.tinyclipboardmanager SYSTEM_ALERT_WINDOW allow; The daemon started. 6. Ran adb -d shell pm grant com.catchingnow.tinyclipboardmanager android.permission.READ_LOGS; It gave error:

Exception occurred while executing 'grant':
java.lang.SecurityException: grantRuntimePermission: Neither user 2000 nor current process has android.permission.GRANT_RUNTIME_PERMISSIONS.
        at android.app.ContextImpl.enforce(ContextImpl.java:2028)
        at android.app.ContextImpl.enforceCallingOrSelfPermission(ContextImpl.java:2056)
        at com.android.server.pm.permission.PermissionManagerService.grantRuntimePermissionInternal(PermissionManagerService.java:1463)
        at com.android.server.pm.permission.PermissionManagerService.grantRuntimePermission(PermissionManagerService.java:1444)
        at com.android.server.pm.PackageManagerShellCommand.runGrantRevokePermission(PackageManagerShellCommand.java:2300)
        at com.android.server.pm.PackageManagerShellCommand.onCommand(PackageManagerShellCommand.java:251)
        at android.os.BasicShellCommandHandler.exec(BasicShellCommandHandler.java:98)
        at android.os.ShellCommand.exec(ShellCommand.java:44)
        at com.android.server.pm.PackageManagerService.onShellCommand(PackageManagerService.java:22307)
        at android.os.Binder.shellCommand(Binder.java:929)
        at android.os.Binder.onTransact(Binder.java:813)
        at android.content.pm.IPackageManager$Stub.onTransact(IPackageManager.java:4687)
        at com.android.server.pm.PackageManagerService.onTransact(PackageManagerService.java:4471)
        at android.os.Binder.execTransactInternal(Binder.java:1159)
        at android.os.Binder.execTransact(Binder.java:1123)

How can I proceed?

I want to disable the OTG (USB) on Android 9. I coud control it on Android 6 by disabling a permission on the file android.hardware.usb.host.xml located in /system/etc/permission but it is not working anymore on Android 9. Any idea?

When I put an NFC card near my Android 14 phone, a specific app (that I do not want being able to skim the data of every card I use with my phone) opens. Can I turn off "NFC read permission" for a specific app? This seems like a big security issue, and given that I can control camera, microphone, location, etc. permissions for specific apps, I'm surprised I haven't been able to find any information on preventing a given app from receiving NFC read info. I want to be able to use NFC via other apps, so turning it off entirely is not helpful.