Project

General

Profile

Feature #79

Updated by Soren Stoutner almost 3 years ago

At some point Privacy Browser will add READ_EXTERNAL_STORAGE and WRITE_EXTERNAL_STORAGE permissions. These are classified as dangerous permissions. The concern is that a malicious website could leverage an vulnerability in Android's WebView to access and modify a device's file system.

For API >= 23 (Marshmallow, version 6.x) users can revoke this access if desired. For older versions of Android they cannot. As of 31 December 2016, 41.03% of standard installs and 52.31% of free installs through Google Play are for API <= 22.

There are important features that require these permissions, like https://redmine.stoutner.com/issues/1, https://redmine.stoutner.com/issues/23, and https://redmine.stoutner.com/issues/32. More discussion of the issue can be found at https://www.stoutner.com/downloaded-file-locations/.

The purpose of this feature request is to provide a place for users to voice their opinion as to whether Privacy Browser should add these permissions now or wait until a smaller percentage of the userbase is on API <= 22.

It is not possible to please everyone all the time, but I have a strong preference to follow the wishes of the majority of the users in cases like these.

Back