External Storage Permissions on Android | PSPDFKit

When an app is granted storage permission, it can access the device storage at any time. This means it can upload personal files or even delete sensitive ... PSPDFKit Products Solutions Aviation StreamlineYourFlightReleases Construction DigitizePDFFormsandDrawings Education MoveYourApptotheHeadoftheClass Legal HandleandReviewDocumentsinRealTime Government ServePublicRecordsSecurelyandIntuitively Documentation Blog ExploretheBlog BlogOverview Development Releases Tutorials CustomerStories Solutions CompanyNews Archive FeaturedArticles HowtoDigitallySignaPDFUsingaYubiKey UsingInstantLayersforOnsiteVisits FittingTextintoaBoundingFrameoniOS Pricing FreeTrial ContactSales ContactSales ContactSales T PSPDFKit Products Solutions Documentation Blog Pricing Company CustomerPortal TechnicalSupport FreeTrial ContactSales Web PDFSDK Viewing Viewer FormViewing Markup Annotations ElectronicSignatures DigitalSignatures DocumentEditor FormFilling Collaboration Instant InstantComments AdvancedTools FormDesigner Redaction Comparison OCR PDFGeneration FileTypes OfficeFiles ImageDocuments SupportFor Web Electron Mobile PDFSDK Viewing Viewer IndexedSearch FormViewing ReaderView Markup Annotations ElectronicSignatures DigitalSignatures DocumentEditor FormFilling Collaboration Instant InstantComments Replies AdvancedTools Redaction Comparison OCR FileTypes OfficeFiles ImageDocuments SupportFor iOS Android ReactN. Flutter Server ProcessorforLinux Editing XFDF OCR Redaction PDFGeneration OfficeFiles ImageDocuments Libraryfor.NET Viewer DocumentEditor FormFilling Redaction OCR LibraryforJava Viewer DocumentEditor FormFilling Redaction OCR API PDFAPI PDFGenerator Watermark OCR ConverterAPI ImagetoPDF OfficetoPDF HTMLtoPDF PDFtoImage HTMLtoImage OfficetoImage EditorAPI Merge Split Delete Flatten Duplicate FeaturesList Aviation Construction Education Legal Government Web Web Overview CodeSamples GetStarted APIReference Guides LaunchDemo Frameworks VanillaJavaScript Blazor React Electron Angular Next.js Vue RubyonRails Svelte TypeScript PWA Mobile iOS Overview CodeSamples GetStarted APIReference Guides Android Overview CodeSamples GetStarted APIReference Guides HybridTechnologies Flutter Xamarin.Android Electron Ionic ReactNative Cordova Xamarin.iOS Server ProcessorforLinux Overview GetStarted APIReference Guides Libraryfor.NET Overview ExampleProject GetStarted APIReference Guides LibraryforJava Overview ExampleProject GetStarted APIReference Guides Desktop UWP Overview ExampleProjects GetStarted APIReference Guides MacCatalyst Overview ExampleProjects GetStarted APIReference Guides HybridTechnologies Electron ReactNative APITools PDFAPITools ToolsOverview GetStarted Guides PDFGenerator Watermark OCR ImagetoPDF OfficetoPDF HTMLtoPDF PDFtoImage HTMLtoImage OfficetoImage Merge Split Delete Flatten Duplicate Overview TechnicalSupport CustomerPortal BlogOverview Development Releases Tutorials CustomerStories Solutions CompanyNews Archive About Team Careers We’reHiring! Contactus Newsletter Legal ThepermissionmodelintroducedinAndroid6.0offersanewlayerofsecurityforusers.Someactionshavebeenrefinedtobemoresecurewithoutrequestingdangerouspermissionstointeractwithfiles.Forinstance,usingtherightintentactionforfiringuptheAndroidSAFpickerdoesnotevenrequirethestoragepermissions.Butwhy? Inthisarticle,we’lldelveintotheAndroidpermissionmodel—inparticular,thestoragepermissions.We’llhavealookathowpermissionswork,startingfromahighlevelandworkingourwaydowntothelowerlevelmanagedbyFUSE,thenativeAndroidmodulethatinteractswiththefilesystem. TheDawnoftheNewPermissionsEra ThemainpurposeoftheAndroidpermissionmodelistoprovidefinaluserswithabetterunderstandingofwhichresourcesanappisgoingtouse.IfadeviceisrunningAndroid6.0(APIlevel23)orhigherandtheapp’stargetSdkVersionis23orhigher,theusercanrefuseaspecificpermission.Butifanappiswellimplemented,itshouldworkevenwithoutaccessingtheresourcethathasbeenprohibited.Thatsaid,anappthatmustworkwithoutaresourceusesadifferentimplementationflow,anditistheresponsibilityofprofessionaldeveloperstomakesuretheuserwon’texperiencecrashesorstrangebehaviors. TheFourProtectionLevels Therearefourprotectionlevelsthataffectthird-partyapps:normal,signature,dangerous,andspecialpermissions. Usingtheadbtool,wecanlistallthepermissions.Addingthe-dand-goptions,we’lllistonlydangerouspermissionsorganizedbygroup: adbshellpmlistpermissions-d-g Tograntorrevokeasinglepermissionforanapp,usethefollowing: adbshellpm[grant|revoke] Youcangrantasmanypermissionsasyoulikebyusingthiscommandmultipletimes. ✅NormalPermissions Normalpermissionsarepermissionsthatarenotconsideredharmful.Examplesofthisincludethepermissiontosetthetimezone.Normalpermissionsaregrantedatinstallationtime,andtheonlypreconditionisdeclaringtheminthemanifestoftheapp. ⛔️SignaturePermissions Signaturepermissionsaregenerallypermissionsdefinedbyoneappandusedbyanother.Thesystemgrantstheseapppermissionsatinstalltimeonlyiftherequestingapplicationissignedwiththesamecertificateastheapplicationthatdeclaredthepermission. 💀DangerousPermissions Dangerouspermissionscouldpotentiallyexposetheuser’sprivateinformationorshareoperationswithotherapps.Forexample,theabilitytoreadtheuser’scontactsisadangerouspermission.Dangerouspermissionsaregrantedatruntime,andtheusermustexplicitlygrantthepermissiontotheapp. 🦄SpecialPermissions Specialpermissionsareasmallsetofpermissionsthatareparticularlysensitive,somostappsshouldnotusethem.ExamplesoftheseincludeSYSTEM_ALERT_WINDOWandWRITE_SETTINGS.Specialpermissionsmustbedeclaredinthemanifest,andtheappwillsendanintentrequestingtheuser’sauthorizationbyshowingadetailedmanagementscreentotheuser. StoragePermissions Storagepermissionsaredangerouspermissionsforaccessingthesharedexternalstorage.Fullreadandwriteaccesstoanylocationofthevolumeisprotectedbytwopermissionsmarkedasdangerous:READ_EXTERNAL_STORAGEandWRITE_EXTERNAL_STORAGE. Whenanappisgrantedstoragepermission,itcanaccessthedevicestorageatanytime.Thismeansitcanuploadpersonalfilesorevendeletesensitiveinformationfromthedevice,soit’sbettertothinktwicebeforegivingstoragepermissiontountrustedapps,asitcanbeharmful. OnlywhentheexternalstorageismountedandthepermissionsaregrantedwillAndroidletyoucallEnvironment#getExternalStorageDirectory(). Callingamethodthatrequiresstorageaccesswithouttherightpermissionswillthrowtheexceptionjava.lang.SecurityException. AccessingStorageVolumewithoutStoragePermissions Therearesomespecialpathsthatcanbeaccessedwithoutreadingandwritingpermissionsthatareparticularlyusefulforstoringappprivatedata:Context#getExternalFilesDir(String),Context#getExternalCacheDir(),andContext#getExternalMediaDirs(). AnotherwaytoaccessaspecificfilewithoutrequiringdangerouspermissionsisbyrelyingontheAndroidStorageAccessFramework(SAF)picker. TheSAFpickerdoesnotallowanapptohavefullcontrolofthestorage,ismuchmorerestricted,andrequiressomeinteractionwiththeusertochoosetherightlocation:Thiscanbeanewfilenametosaveoraspecificdocumenttoopen.ThereisalsoaspecialcasewheretheSAFpickercanopenanentiredirectoryusingtheintentactionACTION_OPEN_DOCUMENT_TREE. TheoutcomeoftheSAFpickerwillbeaUrithatcanbeopenedbyaContentResolver. Forexample,ifyouwanttoopenadocumentselectedbytheSAFpicker,usethefollowingcode: valinputStream=context.contentResolver.openInputStream(documentUri)InputStreaminputStream=context.getContentResolver().openInputStream(documentUri); SeetheSAFpickerinactiononourfreePDFViewerforAndroidapp. Security AndroidmanagesexternalstorageusingFUSE,aUnix-likedaemonthatcanbeseenasavirtualfilesystemthatpreventsmalicioususersfromaccessingprotectedcode.TheactualFUSEimplementationiswritteninC++andcanbeexecutedonlyasroot. FinalThoughtsandReference Androidpermissionsmustbetreatedwisely,andhereatPSPDFKit,wefocusheavilyonsecurityandprivacy.Theuseofdangerousandspecialpermissionsshouldbeavoidedwhennotstrictlyrequired,andanappshouldworkevenwhenapermissionisnotgranted.TherearemanytutorialsontheinternetabouttheAndroidpermissionmodel,butbecauseitevolvesrapidly,it’salwaysagoodideatocheckiftheinformationisuptodate,asinthelatestAndroidAPI,manymethodshavechanges. OtherUsefulResources Permissionsusagenotes ThegreatNickButchertalkingaboutpermissionsinAndroidMarshmallow6.0 Permissionsoverview Androidruntimepermissionsexampleproject “Mother,MayI?”AskingforPermissions(AndroidDevSummit2015) ForgettheStoragePermission:AlternativesforsharingandcollaboratingbyIanLake OntheEdgeoftheSandbox:ExternalStoragePermissions Openfilesusingstorageaccessframework SharePost Free60-DayTrial TryPSPDFKitinyourapptoday. FreeTrial RelatedArticles Exploremore DEVELOPMENT | iOS•Development FittingTextintoaBoundingFrameoniOS DEVELOPMENT | Development•git•GitHub HowtoHandleStackedPullRequestsonGitHub DEVELOPMENT | iOS•Development•Xcode WhatIsaDeprecatedAPIoniOS?