1. mburks38's Avatar
    I'm noticing a lot of apps asking for access to the shared files on my phone. Why do they need this and should I give it to them?

    Posted via CB10
    09-13-13 11:06 AM
  2. Produktyf's Avatar
    Applications by default contain private data directory accessible only by that application and applications can freely read/write to that directory as they wish (no need for user granting such permission). The user however does not have direct access to that directory (its for security reason so no other application can see other application's data).

    The Shared Files permission is required to be granted by the user to the application in order for the application to be able to read or write files from any directory (Documents, Downloads, Photos, etc) accessible by the user.

    So if application asks for this permission there is a good chance the app has functionality which reads or writes files (ex. upload of a photo, making a backup file, etc).

    Properly designed application will still launch even when user does not grant this permission at first start-up and will function. As soon as the user tries to invoke function which requires this elevated access the application should handle situation where this access was not granted and display informative message instructing the user to grant this permission in BB settings and (hopefully) explaining the reason why this is needed.

    It is a good practice I follow (as a user) to always Deny all permissions on first startup and then selectively as I use the application and need certain functionality to grant on case by case basis.

    Our apps including Money Plus require Shared Files permission in order to copy a backup file to the Documents folder or read backup file (for data restore) from the Documents folder but still function without this permission. However as soon as backup or restore is attempted we display the following message (see attached).

    Hope this helps!

    Application Permissions - Shared Files-shared_no_access.png
    mburks38 likes this.
    09-13-13 11:43 AM
  3. mburks38's Avatar
    Great information! I do usually deny permissions initially and like you said grant them selectively based on app functionality. Thank you!

    Posted via CB10
    09-13-13 12:25 PM
  4. rsteer's Avatar
    I also generally deny the permissions, and almost never grant them, ever. Occasionally I will let a map application know my location, but usually not even that.

    The key issue is really that permissions do not seem to be managed at an appropriate level of granularity.

    Many apps may need access to store something in your Documents folder, but they should have no need to be able to access ALL of your files EVERYWHERE -- on the device, on media cards, and in the cloud. That's what (as an example) the Amazon Appstore app REQUIRES (it won't even open without those permissions), which strikes me as an insane compromise of security. (The Amazon Appstore also won't run unless I allow it to access my real-time location, which also seems absurd.)

    One thing people like about Blackberries is their supposedly higher level of security than other devices -- which is essentially thrown out the window if you have to give apps access to ALL of your data, including cloud data storage that you share with both your BB and your computer(s).

    The appstore, for instance, should only *require* access to one folder -- Downloads -- in order to save purchased apps. And if you have an Amazon account, they shouldn't need to know your location -- they don't know my location when I order things through the rest of Amazon... I don't know if it's Amazon's laziness or Blackberry's insufficiently-granular permissions that causes them to ask for access to EVERYTHING, but either way it creates a big data-compromise risk.
    FF22 likes this.
    08-22-14 07:51 AM
  5. FF22's Avatar
    While I agree with RSTEER above to some extent, obviously if you download a photo editing app, it will need access to your photo file folder both to read the original photo and to write back any saved, edited photo. Similarly, depending on the app it will need some permissions. If the app has a share function, it probably will need access to the internet or data.

    But I agree that most apps should not need MY LOCATION or access to my PHONE (what does that mean, anyway?) or my contacts.

    While the array of Permissions offered on the older BBOS devices was overwhelming in some respects, it really offered almost total control. Now we've gone the other way. Few Permissions and no access to then for Android apps. I hope that BB did not sell its soul and certainly not OUR souls in its agreement with Amazon and gives us back better control over Permissions.
    08-22-14 11:17 AM

Similar Threads

  1. Ext SDCard Files with Zero size bug
    By wasalph in forum BlackBerry Z10
    Replies: 5
    Last Post: 02-05-14, 11:50 AM
  2. How do you find file names on Playbook?
    By BCLoco in forum BlackBerry PlayBook OS
    Replies: 8
    Last Post: 09-16-13, 03:46 AM
  3. Encrypted Messaging application - Seeking developer assistance
    By cryptotech in forum Developers Lounge
    Replies: 2
    Last Post: 09-14-13, 03:41 AM
  4. Need help sharing contacts
    By jagrlover in forum BlackBerry 10 OS
    Replies: 3
    Last Post: 09-13-13, 04:15 PM
  5. Replies: 1
    Last Post: 09-13-13, 05:17 AM