[mindslight]

An OS that represents the user would be able to grant the permission to scan only an arbitrary subset of the filesystem, with the application being none the wiser. We need to start seeing the lack of such functionality as a security vulnerability.

[aboringusername]

I agree. I don't understand why I can't say "okay, have fun with directory /nakedmolerats" and see what they do with it.

The fact an app can essentially coerce you into accepting permissions "for your safety" is something that should be against Plays TOS and met with a swift banhammer.

It should also highlight how little control we have over these black boxes, when you grant permission, even for 5 minutes, you have no idea what directories it has accessed, if it's scanning for materials or hashes, sending data to a server etc. People moaned about Apple yet here the same thing could happen just by pressing "accept", the fact it's a banking app means you're more likely to accept. No idea how this is allowed to be honest.

This could also be a big problem if you have sensitive material on device and just allow any app to access files.

[grateful]

This was my first thought also, but then I realized they'd just see there's no system files (or some marker file their app created) and block access.

[mindslight]

Then that is another security vulnerability to be patched. There should be no way for an app to tell if it is seeing the complete filesystem, or a filtered/sandboxed view.

[grateful]

Hmm that's a good idea, provide a view of generic system and the app itself..

[atatatat]

OT: excellent bio