Status Update
No update yet.
Comments
lb...@gmail.com
Oh, worth noting that rule from that sample project works fine if Lint run via console.
ad...@google.com
Hi all! I face the same issue when using AS 4.2.2. I've tried on macOS and on Windows, but I can't see highlighting. I don't see highlighting neither opening the project nor after running :app:lint command (but I can see errors in the console).
lb...@gmail.com
I also experience this issue, the only fix that worked for me was to manually copy the generated jar file for the rules into ~./android/lint. Doing this enabled the highlighting in AS (tested on macOS)
Description
That's incorrect and doesn't really fully protect people. Things to think about it:
1. Apps can still read sensitive data when such apps declare they are for people with disability. So this is not protecting this audience, only the rest.
2. Apps can be installed outside the Play Store
3. Play Store shouldn't be the one to encourage blocking functionality of apps, and Android shouldn't reduce its functionality just because of security. It doesn't always have to be this way, that the way to improve security is to reduce functionality.
There is a better solution to this, which is a better compromise:
A flag that will trigger a confirmation if it's ok to read from there or not, like a permission.
Each app that needs extra protection would have a flag being set (can be in manifest in the application level, can be in Activity tag there, and can be during runtime), which will make the OS more alert about apps reading content from it.
Each time an app with accessibility tries to read from such sensitive places, the OS will ask if it's ok to let the app read it, and will not let this app also decide where to press.
It can have multiple options, such as "just once", "always for this app", "only here", etc...
It will also have "remember my selection" checkbox, turned off by default.