I just updated one app from Firebase 9.0.0 to Firebase 9.0.2.
I use messaging + ads.
compile 'com.google.firebase:firebase-messaging:9.0.2'
compile "com.google.firebase:firebase-ads:9.0.2"
Now a lot of unwanted permission have cropped up
android:name="android.permission.READ_PHONE_STATE"
android:name="android.permission.READ_EXTERNAL_STORAGE"
android:name="android.permission.WRITE_EXTERNAL_STORAGE"
I didn't add those permissions anywhere, so they must be from Firebase.
I know my clients don't like these permissions, so I removed them with
<uses-permission
android:name="android.permission.READ_PHONE_STATE"
tools:node="remove" />
<uses-permission
android:name="android.permission.READ_EXTERNAL_STORAGE"
tools:node="remove" />
<uses-permission
android:name="android.permission.WRITE_EXTERNAL_STORAGE"
tools:node="remove" />
My app still works, messaging and ads still work, still I'd like my suspicions confirmed.
Why does Firebase add those permissions and is it really ok to remove them like I did?
This issue was fixed in 12.0.1. Source https://developers.google.com/android/guides/releases
March 28, 2018 - Verison 12.0.1
Issues fixed in 12.0.1:
- Fixes issue that caused spurious Android lint errors claiming
GoogleSignIn and CredentialsClient were internal-only.
- Adds missing
minSdkVersion in -license artifacts to prevent automatic inclusion of
READ_PHONE_STATE and READ_EXTERNAL_STORAGE permissions.
- Restores
unique package names for runtime linked -license artifacts which
affected some build systems' (e.g. Ionic Pro) compatibility issues.
- Restores some fields names that were obfuscated in 12.0.1, namely the
value() method of @PropertyName annotations in firebase-firestore and
firebase-database.
android:name="android.permission.READ_PHONE_STATE"
android:name="android.permission.READ_EXTERNAL_STORAGE"
android:name="android.permission.WRITE_EXTERNAL_STORAGE"
these permissions are different they are not used in fcm.
PHONE_STATE permission to know current state of phone
and READ_EXTERNAL_STORAGE and WRITE_EXTERNAL_STORAGE to add and delete file in memory from your app, if you are not using any of these functionalities you can remove it.
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 在下西门庆 的文章《Firebase + Permissions》','https://www.manongdao.com/article-741079.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}