Why do we need permission-tree in Android?

Question

In Android documentation on permission-tree, I cannot find any use scenario showing permission-tree is useful.

Now there are several questions in my mind:

1. Why do we need permission-tree?

2. Is there any real scenario to illustrate permission-tree is necessary?

3. Is there any example to demonstrate how the client App requests the permission-tree?

Answer 1

1. Why do we need permission-tree?

When you use permission-tree, you don't want other apps to use any permission with the same base name as you declared from permission-tree. For example, you use

    <permission-tree
    android:name="com.example.project.taxes"
    android:label="" />

Which means you don't want other apps to use any permission prefix with "com.example.project.taxes".

If there is any app with the same base name installed before your app, both apps' permissions are valid.

If your app installed first, and another app using a permission prefix with your base name, another app's protection level will automatically change to "signature", even it declares as "normal" in the AndroidManifest.xml. This can be checked when you pull system packages file from devices.

adb pull /data/system/packages.xml

Normal permission is like this,

<item name="com.google.android.gms.permission.TRANSFER_WIFI_CREDENTIAL" package="com.google.android.gms" />

If there is a conflict, it will become like this.

<item name="com.google.android.gms.permission.TRANSFER_WIFI_CREDENTIAL" package="com.google.android.gms"  protection="2" />

That means you will block all the future installed app to gain the normal permission with your base name. When some app trying to use it, Logcat will log some message like this when the app is installing,

PackageManager: Un-granting permission com.example.project.taxes.deductions.MAKE_SOME_UP  from package com.others.app

So be careful to choose your permission-tree name.

2. Is there any real scenario to illustrate permission-tree is necessary?

From the /data/system/packages.xml from a new device, I can see only a google app is using permission tree.

 <permission-trees>
        <item name="com.google.android.googleapps.permission.GOOGLE_AUTH" package="com.google.android.gsf" />
    </permission-trees>

And this app really uses a lot of customised permission, that's why it needs to declared the permission tree and not allow others to conflict with them.

3. Is there any example to demonstrate how the client App requests the permission-tree?

This is example how client app request the permission tree.

    <permission-tree
    android:name="com.example.project.taxes"
    android:label="" />

But I don't think a client app is necessary to use permission tree, it's more meaningful for a system app. Otherwise, use a long name for permission tree, make sure no one else has conflict with this name.