Excessive privileges - Mobile App - android

Need

Restrict application permissions to the minimum required for functionality

Context

  • Usage of Android development for mobile applications
  • Ensuring that applications request only the necessary permissions

Description

Non compliant code

<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.app">

    <uses-permission android:name="android.permission.READ_SMS" />
    <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
    <uses-permission android:name="android.permission.RECORD_AUDIO" />

    <application
        android:allowBackup="true"
        android:theme="@style/AppTheme">
        <activity android:name=".MainActivity">
            <intent-filter>
                <action android:name="android.intent.action.MAIN" />
                <category android:name="android.intent.category.LAUNCHER" />
            </intent-filter>
        </activity>
    </application>
</manifest>

The AndroidManifest.xml file above requests permissions that are not required for the core functionality of the application:

- READ_SMS allows reading SMS messages, which are sensitive user data.
- WRITE_EXTERNAL_STORAGE enables writing to external storage, which can be exploited for data exfiltration.
- RECORD_AUDIO allows capturing microphone input, which could be used for eavesdropping.

If an attacker gains control over the app or exploits a vulnerability, these excessive permissions could be abused to access private user data.

Steps

  • Open the `AndroidManifest.xml` file.
  • Review all `<uses-permission>` entries and remove any unnecessary ones.
  • Ensure that permissions align with the app's core functionality.
  • Test the app to confirm that it works correctly with the minimum required permissions.
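The review in the steps above can be automated so that it runs in CI rather than by hand. The script below is an added example, not code from the original page: it parses a manifest, compares every `<uses-permission>` entry against an allowlist of permissions the team has agreed the app needs (assumed here to be only INTERNET), ranks the excess entries using a small constructed subset of Android's dangerous-protection-level permissions, and produces a stripped manifest for comparison. The embedded manifest is a constructed sample based on the non-compliant code above.

```python
"""Audit an AndroidManifest.xml for permissions beyond an agreed allowlist.

Added example, not part of the original page. It assumes the team keeps a
per-app allowlist of justified permissions (here: only INTERNET) and uses a
small, constructed subset of Android's "dangerous" protection-level
permissions to rank findings.
"""
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
NAME_ATTR = f"{{{ANDROID_NS}}}name"  # ElementTree's form of android:name

# Constructed sample: the non-compliant manifest from the page, embedded inline.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.app">
    <uses-permission android:name="android.permission.READ_SMS" />
    <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
    <uses-permission android:name="android.permission.RECORD_AUDIO" />
    <application android:allowBackup="true" android:theme="@style/AppTheme">
        <activity android:name=".MainActivity" />
    </application>
</manifest>
"""

# Assumption: the permissions the app's core functionality actually needs.
ALLOWLIST = {"android.permission.INTERNET"}

# Constructed subset of permissions Android places in the "dangerous"
# protection level (runtime-granted, guarding private user data).
DANGEROUS = {
    "android.permission.READ_SMS",
    "android.permission.RECORD_AUDIO",
    "android.permission.WRITE_EXTERNAL_STORAGE",
    "android.permission.READ_CONTACTS",
    "android.permission.ACCESS_FINE_LOCATION",
}


def requested_permissions(manifest_xml: str) -> list[str]:
    """Return the android:name of every <uses-permission> element, in order."""
    root = ET.fromstring(manifest_xml)
    return [el.get(NAME_ATTR) for el in root.iter("uses-permission") if el.get(NAME_ATTR)]


def audit(manifest_xml: str, allowlist: set[str] = ALLOWLIST) -> dict[str, list[str]]:
    """Classify requested permissions as justified, excessive, or excessive and dangerous."""
    requested = requested_permissions(manifest_xml)
    excessive = [p for p in requested if p not in allowlist]
    return {
        "justified": [p for p in requested if p in allowlist],
        "excessive": excessive,
        "excessive_dangerous": [p for p in excessive if p in DANGEROUS],
    }


def strip_excessive(manifest_xml: str, allowlist: set[str] = ALLOWLIST) -> str:
    """Return the manifest with every <uses-permission> outside the allowlist removed.

    The android prefix is re-registered so it survives serialisation.
    """
    ET.register_namespace("android", ANDROID_NS)
    root = ET.fromstring(manifest_xml)
    # <uses-permission> elements are direct children of <manifest>.
    for el in list(root.findall("uses-permission")):
        if el.get(NAME_ATTR) not in allowlist:
            root.remove(el)
    return ET.tostring(root, encoding="unicode")


if __name__ == "__main__":
    report = audit(SAMPLE_MANIFEST)
    for key, perms in report.items():
        print(f"{key}: {perms}")
    print(strip_excessive(SAMPLE_MANIFEST))
```

A CI job would fail the build when `audit(...)["excessive"]` is non-empty, so a new permission cannot land without first being added to the allowlist, which forces the justification discussed in step three to happen in review. The stripped manifest is for diffing against the committed one; the real fix is still to edit the source manifest by hand.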

Compliant code

<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.app">

    <!-- Only essential permissions should be included -->
    <uses-permission android:name="android.permission.INTERNET" />

    <application
        android:allowBackup="true"
        android:theme="@style/AppTheme">
        <activity android:name=".MainActivity">
            <intent-filter>
                <action android:name="android.intent.action.MAIN" />
                <category android:name="android.intent.category.LAUNCHER" />
            </intent-filter>
        </activity>
    </application>
</manifest>

The secure code ensures that only the necessary permissions are granted. If the application does not require access to SMS, external storage, or microphone input, these permissions should be removed.

Before adding any permission, ensure that it is essential for the app's functionality and follows the principle of least privilege.

References