Google just added a runtime-only permission to the latest version of its mobile platform Android 8.0 Oreo. Runtime permissions were first introduced to developers and users in Android 6.0 Marshmallow, before that developers would have permissions their apps needed to run in the Android Manifest file that gets generated automatically during installation of the app. This was not the best scenario when it comes to users’ security and willingness to grant or deny permissions as freely as they would like.
Android 6.0 Marshmallow came with the answer, providing a more flexible method of users and developers to grant and ask for permissions for apps. This move was necessary especially for some sensitive cases like when it comes to the app needing to read your text messages or make calls or pull your contact list, it was crucial that these events were brought to the user’s attention before they are performed by the app.
The only problem regarding Android 6.0 Marshmallow’s runtime permissions is that they would only apply to version 6.0 or higher of Android, For Android Lollipop or less, applications still configured runtime permissions upon the app installation. A lot of applications, like Snapchat for example, still do that and get the needed permissions granted during the app installation to avoid dealing with runtime permissions.
Fortunately, now with Android 8.0 Oreo, Google performed a small yet very important tweak that is able to cover this security gap in the future. Last April the change to allow having runtime-only permission was committed to AOSP adding a new security layer to Android. Runtime-only permissions provide a flag with a new level of protection to apps targeting Android 8.0 Oreo or higher. For now, the only permission using this runtime-only flag is the permission ANSWER_PHONE_CALLS that, as it’s obviously stated in its name, allows an app to answer phone calls. But that doesn’t negate the fact that this flag has a very good chance to have all permissions in the future restricted under it. Leading eventually to more trusted preventions of apps that want to have the chance running on Android 8.0 Oreo or higher versions, grant themselves dangerous or sensitive permissions upon installation that would jeopardize Android users’ privacy or the security of their data or devices. Unless the app absolutely needs a permission, in which case will have to explicitly ask the user for it, it won’t be able to grant it to itself when installing on an Oreo device.