Security and Permissions安全与权限（三）

Using Permissions 使用权限

A basic Android application has no permissions associated with it, meaning it can not do anything that would adversely impact the user experience or any data on the device. To make use of protected features of the device, you must include in your AndroidManifest.xml one or more <uses-permission> tags declaring the permissions that your application needs.
一个基本的Android程序通常是没有任何permissions与之关联的，这就是说它不能做任何扰乱用户或破坏数据的勾当。那么为了使用设备被保护的features，我们就必须在AndroidManifest.xml添加一个或多个<uses-permission> 标签，用以声明你的应用程序需要的permissions.

下面是个例子，不翻译啦！

For example, an application that needs to monitor incoming SMS messages would specify:

<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.android.app.myapp" >

    <uses-permission android:name="android.permission.RECEIVE_SMS" />

</manifest>

 

At application install time, permissions requested by the application are granted to it by the package installer, based on checks against the signatures of the applications declaring those permissions and/or interaction with the user. No checks with the user are done while an application is running: it either was granted a particular permission when installed, and can use that feature as desired, or the permission was not granted and any attempt to use the feature will fail without prompting the user.
应用程序安装的时候，应用程序请求的permissions是通过package installer来批准获取的。package installer是通过检查该应用程序的签名和/或用户的交换结果来确定是否给予该程序request的权限。在用户使用过程中不会去检查权限，也就是说要么在安装的时候就批准该权限，使其按照设计可以使用该权限；要么就不批准，这样用户也就根本无法使用该feature,也不会有任何提示告知用户尝试失败。

Often times a permission failure will result in a SecurityException being thrown back to the application. However, this is not guaranteed to occur everywhere. For example, the sendBroadcast(Intent) method checks permissions as data is being delivered to each receiver, after the method call has returned, so you will not receive an exception if there are permission failures. In almost all cases, however, a permission failure will be printed to the system log.
很多时候, 一个permission failure会导致一个SecurityException被抛回该应用程序. 但是Android并不保证这种情况会处处发生。例如，当数据被deliver到每一个receiver的时候，sendBroadcast(Intent) 方法会去检查permissions,在这个方法调用返回之后，你也不会收到任何exception。几乎绝大多数情况，一个permission failure都会打印到log当中。

The permissions provided by the Android system can be found at Manifest.permission. Any application may also define and enforce its own permissions, so this is not a comprehensive list of all possible permissions.
Android系统定义的权限可以在Manifest.permission中找到。任何一个程序都可以定义并强制执行自己独有的permissions，因此Manifest.permission中定义的permissions并不是一个完整的列表（即有肯能有自定义的permissions)。

A particular permission may be enforced at a number of places during your program's operation:
一个特定的permission可能会在程序操作的很多地方都被强制实施：

At the time of a call into the system, to prevent an application from executing certain functions.

当系统有来电的时候，用以阻止程序执行其它功能。
When starting an activity, to prevent applications from launching activities of other applications.

当启动一个activity的时候，会阻止应用程序启动其它应用的Acitivity。
Both sending and receiving broadcasts, to control who can receive your broadcast or who can send a broadcast to you.

在发送和接收广播的时候，去控制谁可以接收你的广播或谁可以发送广播给你。
When accessing and operating on a content provider.

当进入并操作一个content provider的时候
Binding or starting a service.

当绑定或开始一个service的时候