Saturday, October 26, 2019

What is the Android Permission "WRITE_GSERVICES" doing?


There is a mysterious and undocumented Android Permission called: WRITE_GSERVICES. As usual Googles own documentation is even more mysterious than any bad fairytale, writing:


android.permission.WRITE_GSERVICES      Allows an application to modify the Google service map.


However Googling (!) for Google Service Map yields nothing useful.


What is it controlling and what is it used for?



Answer



Note this permission is almost completely undocumented, hence we need to feel our way to its real meaning. So this is in no way an "authoritative answer" – but more or less something between a "good guess" and a "deduction from other pointers".


The official description for this permission (as said, there's no further documentation) is:



Allows an application to modify the Google service map.



So now we can guess what that's supposed to mean. Let's do some "reverse engineering" for that to feel our way into it. Ryan already gave some pointers in his comment, linking to two SO questions:




Reading between the lines: Whenever an app wants to use (parts of) the Google Services Framework, it must declare the READ_GSERVICES permission required – which is pretty much similar to requiring GET_ACCOUNTS if you want to USE_CREDENTIALS: the app first needs to ensure the required service is available at all, before accessing it.


This gives us an idea of what the Google Service Map must be: some kind of index for available (installed) Google Services.


Now that we discovered that, we can make a good guess what the WRITE_GSERVICES permission might be intended for – and why it is protected by the system protection level (meaning, it's only granted to "system apps" – i.e. those integrated into the ROM, which is being installed on the /system partition): If READ_GSERVICES is intended to figure out which Google services are available, WRITE_GSERVICES must be its counter-part to update that service map. Which is e.g., whenever a new service was installed (or removed), to update the "index of Google Services available on the device" – the "Google Service Map".


Just one thing I wonder in this context is, why this permission belongs to the ACCOUNTS group



See also:



-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

samsung galaxy s 2 - Cannot restore Kies backup after firmware upgrade

I backed up my Samsung Galaxy S2 on Kies before updating to Ice Cream Sandwich. After the upgrade I tried to restore, but the restore fails ...