0

In previous versions of Android one could go to Personal > Security and there disable the Unknown sources setting in order to install freely APKs from unknown origins. In Androi Oreo this was changed and this field is no longer in the Settings. I looked everywhere and was unable to find it. So now, when my app tries to install another APK from an unreliable source, I get a Popup saying "Allow Google to regularly check device activity for security problems..." with a Decline and Accept options.

My question: imagine that I factory reset my Android Oreo device, is there a setting that I can set or a system property to modify that will prevent this anoying popup to appear? Does someone know how to disable its appereance?

PS: Please don't answer "just hit decline". That is not the answer I am looking for, nor a viable option.

Storo
  • 303
  • 2
  • 8
  • 21

1 Answers1

0

In previous versions of Android, one could control the system-wide app installation from unknown sources, which saved time but was risky. Having refined control over settings makes your device more secure.
Moreover, the mechanism has now been shifted to app-specific instead of system-wide, that is you can now control app installation from particular apps.
In order to modify that, head to settings and search for 'Unknown Sources', and you'll find Special App Permissions. In order to always allow a specific app to install apps, toggle it 'allowed'.

Danish Shakeel
  • 838
  • 1
  • 5
  • 12
  • Hello @Danish Shakeel, the app I want to allow installation of unreliable apps is in the /system partition but does not appear in the list. I can only see Chrome and Explorer. Do you know why? – Storo Oct 28 '19 at 17:39
  • Which app is it? Please share the complete location. – Danish Shakeel Oct 28 '19 at 17:40
  • It is an app called ProvisioningManager that we built and installed it in the /system/priv-app/ folder. The full path to the APK is /system/priv-app/ProvisioningManager/ProvisioningManager.apk. – Storo Oct 28 '19 at 17:42
  • DOWNLOAD_WITHOUT_NOTIFICATION is irrelevant here. @Storo you need to request permission INSTALL_PACKAGES (only for system apps) or REQUEST_INSTALL_PACKAGES in app manifest. In latter case send intent ACTION_INSTALL_PACKAGE. – Irfan Latif Oct 28 '19 at 21:05
  • @IrfanLatif a third-patry app installed in the /system/priv-app/ can have the INSTALL_PACKAGES permission even if not signed with system keys? – Storo Oct 29 '19 at 12:49
  • @Storo I'm not a developer but as docs say “Not for use by third-party applications”: https://developer.android.com/reference/android/Manifest.permission.html#INSTALL_PACKAGES – Irfan Latif Oct 29 '19 at 13:20
  • @Storo Does your package's Manifest.xml have <uses-permission android:name="android.permission.INSTALL_PACKAGES... I was trying to allow an app through adb but it is trailing an error that is because of how the app's manifest.xml is built. – Danish Shakeel Oct 29 '19 at 13:27
  • 1
    @DanishShakeel system permissions can't be granted or denied, those just need to be requested in Manifest. But the app must be a system app, not just placed in /system directory. You may try to trick the OS grant a system permission to non-system app, if rooted: https://android.stackexchange.com/a/217522/218526. REQUEST_INSTALL_PACKAGES can be granted to a non-system app (if requested in Manifest) by appops set <PKG> REQUEST_INSTALL_PACKAGES allow or through GUI. – Irfan Latif Oct 29 '19 at 21:16
  • @IrfanLatif, I need to sign my app with system key or having it in priv-app is enough?On a side note, please post your comment as a solution since it is clearly a candidate. – Storo Oct 30 '19 at 13:50
  • @Storo as I said I'm neither a ROM nor app developer but AFAIK you need to sign your app with platform key, plus whitelist required permission in /etc/permissions/privapp-permissions-XYZ.xml. However REQUEST_INSTALL_PACKAGES isn't a bad option either. Related: https://android.stackexchange.com/a/216092/218526. I think my answer would be more development related, not suitable on https://android.stackexchange.com. – Irfan Latif Oct 30 '19 at 16:44