
Excessive privileges - Mobile App - Android


Need

Restrict application permissions to the minimum required for functionality


Context

  1. Usage of Android development for mobile applications
  2. Ensuring that applications request only the necessary permissions

Description

Insecure Code Example

<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.app">

    <uses-permission android:name="android.permission.READ_SMS" />
    <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
    <uses-permission android:name="android.permission.RECORD_AUDIO" />

    <application
        android:allowBackup="true"
        android:theme="@style/AppTheme">
        <activity android:name=".MainActivity">
            <intent-filter>
                <action android:name="android.intent.action.MAIN" />
                <category android:name="android.intent.category.LAUNCHER" />
            </intent-filter>
        </activity>
    </application>
</manifest>

The above `AndroidManifest.xml` file defines excessive permissions that are not required for the core functionality of the application:

  • `READ_SMS` allows reading SMS messages, which is sensitive data.
  • `WRITE_EXTERNAL_STORAGE` enables writing to external storage, which can be exploited for data exfiltration.
  • `RECORD_AUDIO` allows capturing microphone input, which could be used for eavesdropping.

If an attacker gains control over the app or exploits a vulnerability, these excessive permissions could be abused to access private user data.

Steps

  1. Open the `AndroidManifest.xml` file.
  2. Review all `<uses-permission>` entries and remove any unnecessary ones.
  3. Ensure that permissions align with the app's core functionality.
  4. Test the app to confirm that it works correctly with the minimum required permissions.
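As an added example (not code from the original page), a small Python review helper for step 2: it parses the manifest, lists every `<uses-permission>` entry, and flags those outside an allowlist, marking the ones the page singles out as exposing private data. `ALLOWED`, `SENSITIVE` and the embedded sample manifest are assumptions constructed for the demo.

```python
# Added example (not code from the original page): review helper for step 2,
# flagging <uses-permission> entries outside an allowlist. ALLOWED and
# SENSITIVE are assumptions for this demo; adjust to the app's real needs.
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
NAME_ATTR = f"{{{ANDROID_NS}}}name"   # android:name in Clark notation

# Permissions the app's core functionality genuinely needs (assumed).
ALLOWED = frozenset({"android.permission.INTERNET"})

# Permissions the page singles out as exposing sensitive user data.
SENSITIVE = frozenset({
    "android.permission.READ_SMS",
    "android.permission.WRITE_EXTERNAL_STORAGE",
    "android.permission.RECORD_AUDIO",
})

# Constructed sample input: the insecure manifest above, plus two extras.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.app">
    <uses-permission android:name="android.permission.READ_SMS" />
    <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
    <uses-permission android:name="android.permission.RECORD_AUDIO" />
    <uses-permission android:name="android.permission.VIBRATE" />
    <uses-permission android:name="android.permission.INTERNET" />
    <application android:allowBackup="true" />
</manifest>"""


def declared_permissions(manifest_xml: str) -> list[str]:
    """Every android:name declared in a <uses-permission> element, in order."""
    root = ET.fromstring(manifest_xml)
    return [e.get(NAME_ATTR, "") for e in root.iter("uses-permission")]


def excessive_permissions(manifest_xml: str, allowed=ALLOWED) -> dict[str, str]:
    """Map each permission outside the allowlist to 'sensitive' or 'review'."""
    findings = {}
    for perm in declared_permissions(manifest_xml):
        if perm not in allowed:
            findings[perm] = "sensitive" if perm in SENSITIVE else "review"
    return findings


if __name__ == "__main__":
    for perm, severity in excessive_permissions(SAMPLE_MANIFEST).items():
        print(f"{severity:<9} {perm}")
```

Run it against the secure manifest from the next section and it reports nothing, because only `INTERNET` is declared.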

Secure Code Example

<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.app">

    <!-- Only essential permissions should be included -->
    <uses-permission android:name="android.permission.INTERNET" />

    <application
        android:allowBackup="true"
        android:theme="@style/AppTheme">
        <activity android:name=".MainActivity">
            <intent-filter>
                <action android:name="android.intent.action.MAIN" />
                <category android:name="android.intent.category.LAUNCHER" />
            </intent-filter>
        </activity>
    </application>
</manifest>

The secure code ensures that only the **necessary** permissions are declared, and therefore the only ones that can ever be granted. If the application does not require access to SMS, external storage, or microphone input, these permissions should be **removed**. Before adding any permission, ensure that it is essential for the app's functionality and follows the **principle of least privilege**.


References

  • 346 - Excessive privileges - Mobile App

  • Last updated: 2025/04/03