The program requests permission to access the device's GPS location.
Access to GPS location information can compromise a user's privacy and personal safety. Programs that require access to GPS location information must be careful to manage it with the utmost caution.
Example 1: The following code requests permission to ACCESS_FINE_LOCATION
.
<permission android:name="android.permission.ACCESS_FINE_LOCATION"
android:permissionGroup="android.permission-group.LOCATION"
android:protectionLevel="dangerous"
android:label="@string/permlab_accessFineLocation"
android:description="@string/permdesc_accessFineLocation" />
[1] Standards Mapping - OWASP Top 10 2004 - (OWASP 2004) A2 Broken Access Control
[2] Standards Mapping - OWASP Top 10 2010 - (OWASP 2010) A6 Security Misconfiguration
[3] Standards Mapping - FIPS200 - (FISMA) AC
[4] Standards Mapping - Common Weakness Enumeration - (CWE) CWE ID 265
[5] Standards Mapping - SANS Top 25 2009 - (SANS 2009) Improper Access Control - CWE ID 285
[6] Securing the Presidential Blackberry PC World
[7] Using Permissions