程序請求訪問設備 GPS 位置的權限。
訪問 GPS 位置信息會危及用戶的隱私和人身安全。請務必謹慎管理需要訪問 GPS 位置信息的程序。
例 1:以下代碼請求 ACCESS_FINE_LOCATION 的權限。
<permission android:name="android.permission.ACCESS_FINE_LOCATION"
android:permissionGroup="android.permission-group.LOCATION"
android:protectionLevel="dangerous"
android:label="@string/permlab_accessFineLocation"
android:description="@string/permdesc_accessFineLocation" />
[1] Standards Mapping - OWASP Top 10 2004 - (OWASP 2004) A2 Broken Access Control
[2] Standards Mapping - OWASP Top 10 2010 - (OWASP 2010) A6 Security Misconfiguration
[3] Standards Mapping - FIPS200 - (FISMA) AC
[4] Standards Mapping - Security Technical Implementation Guide Version 3 - (STIG 3) APP3500 CAT II
[5] Standards Mapping - Security Technical Implementation Guide Version 3.4 - (STIG 3.4) APP3500 CAT II
[6] Standards Mapping - Common Weakness Enumeration - (CWE) CWE ID 265
[7] Standards Mapping - SANS Top 25 2009 - (SANS 2009) Improper Access Control - CWE ID 285
[8] Securing the Presidential Blackberry PC World
[9] Using Permissions