Are there any tools to sandbox a malware application even more than the granted permissions on Android?

Question

Suppose I want to run some program which requests too many permissions. For example, record from the microphone or read IMEI of my phone. However, there are no practical explanation why recording from the mic or IMEI number is needed for this particular application, except for data mining.

I want to try this app, but restrict its permissions. For example, if it reads IMEI, it should get random IMEI(but the same every time). If it tries to read the mic, it should get silence.

Some other interesting permissions:

1. Phonebook read/write access - returns zero contacts, pretend that write is OK, but actually do nothing.
2. Send SMS - pretend that SMS is sent, but do nothing.
3. Get list of visible Wi-Fi networks - return zero networks.

Obviously the tool should require a rooted phone. Are there any such tools?

Answer 1

There is a TISSA prototype application, but it is not released, yet. In CyanogenMod 7 there is a setting to revoke application permissions, but if the app expects the API to return something useful instead of failing, it will crash, it is still not faking data.