Here is example of declaration notification listener service
<service
android:name="com.example.notifications.NotificationListenerService"
android:exported="true"
android:label="@string/app_name"
android:permission="android.permission.BIND_NOTIFICATION_LISTENER_SERVICE"
android:stopWithTask="false">
<intent-filter>
<action android:name="android.service.notification.NotificationListenerService" />
</intent-filter>
</service>
Is it means if android:exported="true" and BIND_NOTIFICATION_LISTENER_SERVICE permission is granted by user explicitly, then other app can use this service without asking user permission one more time? So what is security concern of setting exported to true for this particular service?
