|
|
|
|
|
|
by bmacho
211 days ago
|
|
|
Indeed, an update can't be more malicious than the permissions allow it to be. You have a calculator app with limited permissions, it is "safe" to set to allow the developer to update it. No danger in that. But I don't think it is enough, or it is the right model. In other cases, when the app has dangerous permissions already, auto-update should be a no-go. |
|
|
...in the absence of sandbox escape bugs.