Google Introduces Runtime-Only Permissions in Android 8.0 for Better Security
One of the best security-oriented changes included in Android 6.0 Marshmallow was runtime permissions. Before the advent of runtime permissions, developers would define permissions in their AndroidManifest file that would be granted automatically upon installation. On Android 6.0 and newer, runtime permissions required the user to explicitly grant or deny a permission through a dialog. From a security standpoint, this ensured that certain sensitive permissions like reading text messages or contacts would need to be brought to the user’s attention before the app could use them.
But there was one major problem: runtime permissions are only enforced for applications targeting Android Marshmallow or newer. So long as the app targets Android Lollipop or older, any runtime permissions would still be automatically granted upon installation. Lots of applications, most notably Snapchat, still do this in order to avoid dealing with runtime permissions. Finally, with Android 8.0 Oreo, Google has introduced a small but very important change to try and fix that in the future.
On April 4th, a commit was made to AOSP that allows permissions to be runtime-only. This change adds a new runtime protection level flag to the Android system that, if set, will only grant certain permissions to apps that target Android Marshmallow or above. Currently the only permission that takes advantage of this new runtime-only flag is ANSWER_PHONE_CALLS, which allows any application with this permission to programmatically answer phone calls on behalf of the user.
Still, it’s a real security improvement for when more and more permissions are restricted under this flag, then apps won’t be able to sneakily grant themselves sensitive or dangerous permissions unless they start targeting a newer version of Android. This will also push app developers to adopt newer APIs and features on their apps, as targeting a newer Android version will become a requirement to use these new permissions.