I know that Google Play applications cannot do anything that is not spelled out in their
AndroidManifest.xml and will be blocked from doing so. I want to know if non-Google Play applications are locked down with the same security measure.
Will Android tell me what permissions they require before installation and block functions that use permissions not noted in the manifest of non-Google Play apps? Because Google says:
In the event that an application attempts to use a protected feature which has not been declared in the application's manifest, the permission failure will typically result in a security exception being thrown back to the application. Protected API permission checks are enforced at the lowest possible level to prevent circumvention. An example of the user messaging when an application is installed while requesting access to protected APIs is shown in Figure 2.
Does this apply to non-Google Play apps?View original question