package: permission

The permission package models how Android APIs use Android permissions. Two academic papers have researched this topic:

Android Permissions Demystified: CCS'11, UC Berkeley, detecting over-privileged Android apps.
PScout: Analyzing the Android Permission Specification: CCS'12, U Toronto, analyzing the Android OS to tell what APIs require what Android permissions.

PATDroid provides convenient data structures to map from an API to the permission(s) it uses and vice verse. On the lower level, PATDroid reads PScout output to obtain the mappings. For example, for Jellybean, the raw PScout output looks like this

Permission:android.permission.CHANGE_WIFI_STATE
17 Callers:
<android.net.wifi.WifiManager: boolean reassociate()>
<android.net.wifi.WifiManager: boolean startScan()>
<android.net.wifi.WifiManager: void setCountryCode(java.lang.String,boolean)>

First, use patdroid.permission.PScoutParser to parse this and obtain an APIMapping object. Then use the two get interfaces to query permissions/methods.

PScoutParser.parse(...).get("android.permission.CHANGE_WIFI_STATE").get(0)

should be android.net.wifi.WifiManager: boolean reassociate(). Similarly, given a method

MethodInfo m = ClassInfo.findClass("android.net.wifi.WifiManager").findMethod("reassociate");
PScoutParser.parse(...).get(m).get(0) == "android.permission.CHANGE_WIFI_STATE"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

package: permission

Clone this wiki locally