[scarface74]

That shows the larger problem with Android. An app shouldn’t need access to your file system to send a photo. It should bring up a system provided photo picker and once the user chooses a set of files, the OS should give it a read only access to the file.

If a photo management app needs access to your photos, you should be able to give it access to your photo library.

[amelius]

I don't think that's the solution because apps may easily "bribe" the user into giving the app more access than it strictly needs. The bribing goes like: "sorry, but if you don't give me full access, then you can't use me". Simple, but very effective in most cases.

A better solution (imho) is to make the app think it has access, while in reality its access is limited to a sandbox.

[scarface74]

That’s still a problem with the OS. Why does any app need access to the file system instead of the users photo library or access to certain files in a document store where the app only has read access to files that the user explicitly chooses in a system provided file picker or can write files to a location that the user chooses?

[devxpy]

https://developer.android.com/training/secure-file-sharing/r...

read up!

[scarface74]

It’s fine that it’s an option but there is still nothing on the OS stopping an app from getting more permission. Why is the other permission even an option?

[devxpy]

Just a matter of freedom vs security I guess?