Internship - Week 5 - App permissions
Hey there,
This week we released a new version of ProDnD, which means that this week was dedicated to testing the app for bugs and fixing them. But this blog is not about bugs we found or fixed, it is dedicated to one particular problem we were dealing with: Permissions for mobile applications. I'm sure everybody has had this at least once when they were trying to install an app on their phone and it asked to get access to some functionality, but you did not want the app to have access to this functionality. This is why, as an app developer, you try to keep the permission count as low as possible. Less permissions mean less people that will have a problem with it and this positively affects the amount of installs.
While trying to release the new update for ProDnD, we discovered that it required access to multiple permissions that we were not even using. In particular the READ_PHONE_STATE and ACCESS_NETWORK_STATE permissions. People are not particularly fond of these permissions and we were not using them, so we definitely wanted to get rid of them.
The only requirement that is needed to activate a permission requirement, is a reference in code to a certain functionality that requires the permission. This caused us to search the whole code base, to find any references that could trigger the above named permissions. When none were found, we tried to find the particular version in the version control, in which the permissions were added. this ended up being the version were a lot of plug-ins were added. After searching through these plug-ins we finally found the dll file that was the bain of our existence. All together it took us 3 days just to find what caused the problem.
It would be nice if people that make these plug-ins would check for these problems before updating their product, but we can't rely on this. If you want to avoid days of searching, you should check your apps permissions on a regular interval.