5

If you try the Contact Manager that comes with Android 2.2 Froyo it will give you access to all contacts in the sqlite database via Contact ContentProvider. But if you write an app that is not com.android.contacts you only get access to the restricted table because of this code here:

http://www.google.com/codesearch/p?hl=en#cbQwy62oRIQ/res/values/unrestricted_packages.xml&q=unrestricted_packages&sa=N&cd=1&ct=rc

If you try any of the samples like ContactManager or any app on the market it will not have access to the full list of contacts only access to the restricted view.

The restricted table seems to only contain contacts with phone numbers and excludes some facebook contacts. I can't find any documentation on why a contact would be restricted anywhere in the developer docs?

Is there some way around this besides rooting and opening the the sqlite db manually or using a custom firmware?

rekire
  • 47,260
  • 30
  • 167
  • 264
radiofrequency
  • 873
  • 8
  • 19

3 Answers3

1

Is there some way around this besides rooting and opening the the sqlite db manually or using a custom firmware?

No.

CommonsWare
  • 986,068
  • 189
  • 2,389
  • 2,491
0

Security.

Would be too easy for a rogue app to do something malcious (such as send itself to all your contacts).

Saideira
  • 2,374
  • 6
  • 38
  • 49
  • no. That is the purpose of the application privilege manifest entries. This appears to be a way for firmware makers to circumvent the app privilege system to prevent apps to access the contact db. – radiofrequency Jul 07 '11 at 21:39
0

Did you specify android.permission.READ_CONTACTS in your manifest?

What leads you to believe this subset of Facebook contacts publish their phone number in their info?

CrackerJack9
  • 3,650
  • 1
  • 27
  • 48
  • yes i specify this in my application. I guess this isn't a question more of information that firmware makers can prevent access to contacts available via the contact provider. Users of my phone book application often complain about contacts that are not available in the application vs their default phonebook application. – radiofrequency Jul 31 '11 at 19:27
  • @radiofrequency This is more than a bit old, but you seem to have it the other way around. This isn't a matter of restricting access that would otherwise be unrestricted, it's a matter of unrestricting access that would otherwise be restricted. As far as I can tell, the default state is for (user?) data marked as restricted to be (partially) inaccessible unless explicit permission is granted in that system resource XML file. That allows firmware developers to grant unrestricted access of sensitive data to packages they know they can trust (which could be abused, but that's another matter). – JAB Jan 21 '14 at 20:10