android-source restriction android-permissions android-app-ops

AOSP: How to restrict app accessing Camera, Location?

I'm trying to restrict apps in Android by modifying source code. I was able to get it working for Internet, but I was not able to restrict apps from using Camera or Location?

Internet permission is enforced at linux process level with group-id. But I Camera/Location are not enforced the same way.

So I want to know what is the best place to restrict the apps for these permissions. Are checkCallingPermission() enforceCallingPermission() methods the right ones?

Solution

Yes, you're right. In these methods you can put your hooks where you will check if a permission should be restricted for an application. We did similar check when we were implementing CRePE (enter link description here).

Change SensorEvent data values length in Android Sensor Framework
How to implement AOSP out-of-the-box experience (i.e., setup wizard)?
Is there any way to turn on bluetooth using cmd line (adb shell preferably)
WebView Crashing on AOSP 14 Emulator
AOSP Add Jar to Boot Class Path
Should both healthd and [email protected] be running?
AOSP incremental OTA failed to apply
AOSP - Error: Overriding commands for target (...), previously defined at (...)
How to display keyboard in two display at a time in android?
Android Cuttlefish docker image build fails to install host packages in container
GrapheneOS custom build fails to boot after adding prebuilt APK under external/MyApp and updating handheld_product.mk
Hilt doesn't work with Jetpack Compose in AOSP
Duplicate declaration of type' at token ';' when trying to declare a SELinux type
AOSP sync fails with RepoUnhandledExceptionError Number of processes must be at least 1
How to disable -Werror in building AOSP
Where is android.os.SystemProperties?
Why AndroidX source code is available outside of AOSP?
How to validate which NTP server is currently in use
"No rule to make target" error when adding a library in android source application
android core library compilation
How to include OpenGapps in AOSP 12 build?
Error when build AOSP 14 - internal error: undefined variable CTS_TEST_SUITES_DEFAULT
android system class compilation
How do I change the default wallpaper on my custom rom
What is the difference between privapp-permissions.xml in system/etc/permissions and default-permissions.xml in system/etc/default-permissions?
How can I download the Android support libraries as a whole directory in my device? (Android device, not pc)
Build AOSP 13 for tablet emulator
Producing a user build of AOSP with permissive SElinux policy
Repo refusing to sync all contents
Android 8 Build Fails with "ANDROID_DATA not set and /data does not exist" Error