Device implementations MUST support the Android permissions model as defined in the Android developer documentation. Specifically, implementations MUST enforce each permission defined as described in the SDK documentation; no permissions may be omitted, altered, or ignored. Implementations MAY add additional permissions, provided the new permission ID strings are not in the android.* namespace.
Permissions with a protectionLevel
of ‘PROTECTION_FLAG_PRIVILEGED’ MUST only be granted to apps preloaded in the whitelisted privileged path(s) of the system image, such as the system/priv-app
path in the AOSP implementation.
Permissions with a protection level of dangerous are runtime permissions. Applications with targetSdkVersion > 22 request them at runtime. Device implementations: