151 lines
7.8 KiB
XML
151 lines
7.8 KiB
XML
<?xml version="1.0" encoding="utf-8"?>
|
|
<!-- Copyright (C) 2008 The Android Open Source Project
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
-->
|
|
|
|
<!-- This file is used to define the mappings between lower-level system
|
|
user and group IDs and the higher-level permission names managed
|
|
by the platform.
|
|
|
|
Be VERY careful when editing this file! Mistakes made here can open
|
|
big security holes.
|
|
-->
|
|
<permissions>
|
|
|
|
<!-- ================================================================== -->
|
|
<!-- ================================================================== -->
|
|
<!-- ================================================================== -->
|
|
|
|
<!-- The following tags are associating low-level group IDs with
|
|
permission names. By specifying such a mapping, you are saying
|
|
that any application process granted the given permission will
|
|
also be running with the given group ID attached to its process,
|
|
so it can perform any filesystem (read, write, execute) operations
|
|
allowed for that group. -->
|
|
|
|
<permission name="android.permission.BLUETOOTH_ADMIN" >
|
|
<group gid="net_bt_admin" />
|
|
</permission>
|
|
|
|
<permission name="android.permission.BLUETOOTH" >
|
|
<group gid="net_bt" />
|
|
</permission>
|
|
|
|
<permission name="android.permission.INTERNET" >
|
|
<group gid="inet" />
|
|
</permission>
|
|
|
|
<permission name="android.permission.CAMERA" >
|
|
<group gid="camera" />
|
|
</permission>
|
|
|
|
<permission name="android.permission.READ_LOGS" >
|
|
<group gid="log" />
|
|
</permission>
|
|
|
|
<permission name="android.permission.WRITE_EXTERNAL_STORAGE" >
|
|
<group gid="sdcard_rw" />
|
|
</permission>
|
|
|
|
<!-- The group that /cache belongs to, linked to the permission
|
|
set on the applications that can access /cache -->
|
|
<permission name="android.permission.ACCESS_CACHE_FILESYSTEM" >
|
|
<group gid="cache" />
|
|
</permission>
|
|
|
|
<!-- RW permissions to any system resources owned by group 'diag'.
|
|
This is for carrier and manufacture diagnostics tools that must be
|
|
installable from the framework. Be careful. -->
|
|
<permission name="android.permission.DIAGNOSTIC" >
|
|
<group gid="input" />
|
|
<group gid="diag" />
|
|
</permission>
|
|
|
|
<!-- ================================================================== -->
|
|
<!-- ================================================================== -->
|
|
<!-- ================================================================== -->
|
|
|
|
<!-- The following tags are assigning high-level permissions to specific
|
|
user IDs. These are used to allow specific core system users to
|
|
perform the given operations with the higher-level framework. For
|
|
example, we give a wide variety of permissions to the shell user
|
|
since that is the user the adb shell runs under and developers and
|
|
others should have a fairly open environment in which to
|
|
interact with the system. -->
|
|
|
|
<!-- Standard permissions granted to the shell. -->
|
|
<assign-permission name="android.permission.WRITE_EXTERNAL_STORAGE" uid="shell" />
|
|
<assign-permission name="android.permission.SEND_SMS" uid="shell" />
|
|
<assign-permission name="android.permission.CALL_PHONE" uid="shell" />
|
|
<assign-permission name="android.permission.READ_CONTACTS" uid="shell" />
|
|
<assign-permission name="android.permission.WRITE_CONTACTS" uid="shell" />
|
|
<assign-permission name="android.permission.READ_CALENDAR" uid="shell" />
|
|
<assign-permission name="android.permission.WRITE_CALENDAR" uid="shell" />
|
|
<assign-permission name="android.permission.READ_USER_DICTIONARY" uid="shell" />
|
|
<assign-permission name="android.permission.WRITE_USER_DICTIONARY" uid="shell" />
|
|
<assign-permission name="android.permission.ACCESS_FINE_LOCATION" uid="shell" />
|
|
<assign-permission name="android.permission.ACCESS_COARSE_LOCATION" uid="shell" />
|
|
<assign-permission name="android.permission.ACCESS_LOCATION_EXTRA_COMMANDS" uid="shell" />
|
|
<assign-permission name="android.permission.ACCESS_NETWORK_STATE" uid="shell" />
|
|
<assign-permission name="android.permission.ACCESS_WIFI_STATE" uid="shell" />
|
|
<assign-permission name="android.permission.BLUETOOTH" uid="shell" />
|
|
<!-- System tool permissions granted to the shell. -->
|
|
<assign-permission name="android.permission.GET_TASKS" uid="shell" />
|
|
<assign-permission name="android.permission.CHANGE_CONFIGURATION" uid="shell" />
|
|
<assign-permission name="android.permission.REORDER_TASKS" uid="shell" />
|
|
<assign-permission name="android.permission.SET_ANIMATION_SCALE" uid="shell" />
|
|
<assign-permission name="android.permission.SET_PREFERRED_APPLICATIONS" uid="shell" />
|
|
<assign-permission name="android.permission.WRITE_SETTINGS" uid="shell" />
|
|
<assign-permission name="android.permission.WRITE_SECURE_SETTINGS" uid="shell" />
|
|
<assign-permission name="android.permission.BROADCAST_STICKY" uid="shell" />
|
|
<!-- Development tool permissions granted to the shell. -->
|
|
<assign-permission name="android.permission.SET_DEBUG_APP" uid="shell" />
|
|
<assign-permission name="android.permission.SET_PROCESS_LIMIT" uid="shell" />
|
|
<assign-permission name="android.permission.SET_ALWAYS_FINISH" uid="shell" />
|
|
<assign-permission name="android.permission.DUMP" uid="shell" />
|
|
<assign-permission name="android.permission.SIGNAL_PERSISTENT_PROCESSES" uid="shell" />
|
|
<!-- Internal permissions granted to the shell. -->
|
|
<assign-permission name="android.permission.FORCE_BACK" uid="shell" />
|
|
<assign-permission name="android.permission.BATTERY_STATS" uid="shell" />
|
|
<assign-permission name="android.permission.INTERNAL_SYSTEM_WINDOW" uid="shell" />
|
|
<assign-permission name="android.permission.INJECT_EVENTS" uid="shell" />
|
|
<assign-permission name="android.permission.SET_ACTIVITY_WATCHER" uid="shell" />
|
|
<assign-permission name="android.permission.READ_INPUT_STATE" uid="shell" />
|
|
<assign-permission name="android.permission.SET_ORIENTATION" uid="shell" />
|
|
<assign-permission name="android.permission.INSTALL_PACKAGES" uid="shell" />
|
|
<assign-permission name="android.permission.CLEAR_APP_USER_DATA" uid="shell" />
|
|
<assign-permission name="android.permission.DELETE_CACHE_FILES" uid="shell" />
|
|
<assign-permission name="android.permission.DELETE_PACKAGES" uid="shell" />
|
|
<assign-permission name="android.permission.ACCESS_SURFACE_FLINGER" uid="shell" />
|
|
<assign-permission name="android.permission.READ_FRAME_BUFFER" uid="shell" />
|
|
<assign-permission name="android.permission.DEVICE_POWER" uid="shell" />
|
|
<assign-permission name="android.permission.INSTALL_LOCATION_PROVIDER" uid="shell" />
|
|
<assign-permission name="android.permission.BACKUP" uid="shell" />
|
|
|
|
<assign-permission name="android.permission.MODIFY_AUDIO_SETTINGS" uid="media" />
|
|
<assign-permission name="android.permission.ACCESS_DRM" uid="media" />
|
|
<assign-permission name="android.permission.ACCESS_SURFACE_FLINGER" uid="media" />
|
|
|
|
<assign-permission name="android.permission.ACCESS_SURFACE_FLINGER" uid="graphics" />
|
|
|
|
<!-- This is a list of all the libraries available for application
|
|
code to link against. -->
|
|
|
|
<library name="android.test.runner"
|
|
file="/system/framework/android.test.runner.jar" />
|
|
<library name="javax.obex"
|
|
file="/system/framework/javax.obex.jar"/>
|
|
|
|
</permissions>
|