Like in title. Modern Android permission system is really annoying. It assumes I do not trust installed apps and I believe was made to promote loose installing of whatever crap like loyalty cards apps, while I only install a couple of trusted apps all from F-Droid. Such module would enable faster installation of the systems and less irritation when I have to give app a permission third time this month (Android now can decide for myself and revoke permission when it thinks it’s no longer needed…).
Can you give me any example scenario of the attack?
A browser app is compromised via a JavaScript engine flaw and now has permission to install packages.
This permissions I have on for my browser anyway, also I still need to click “install” on the popup here regardless of permission switch. And with my idea I was thinking about normal permissions, not special ones.
This is easily bypassed by using the accessibility API which an all-permitted app can use to automatically handle dialogs.
But yes, if you’re thinking some permissions are more special than others, it would depend on what permissions you are enforcing.
You accidentally download malware and instead of you denying permissions it shouldn’t have it has them automatically.