ABSTRACT

The program requests permission to make a network connection.

EXPLANATION

Granting this permission will allow the software to open network sockets. This permission would give the program
control over the device that can negatively impact the user. Because this type of permission introduces potential risk, the system may not automatically grant
it to the requestor.
Example 1: The <uses-permission .../> element of the AndroidManifest.xml below includes a network permission attribute.

 <uses-permission android:name="android.permission.INTERNET"/> 


REFERENCES

[1] Standards Mapping - OWASP Top 10 2004 - (OWASP 2004) A2 Broken Access Control

[2] Standards Mapping - OWASP Top 10 2010 - (OWASP 2010) A6 Security Misconfiguration

[3] Standards Mapping - FIPS200 - (FISMA) AC

[4] Mark L. Murphy Beginning Android 2 Apress

[5] Standards Mapping - Common Weakness Enumeration - (CWE) CWE ID 265

[6] Standards Mapping - SANS Top 25 2009 - (SANS 2009) Improper Access Control - CWE ID 285

[7] Using Permissions