14

By including the following <intent> element within the <queries> tag in the AndroidManifest.xml file, I can access a list of all installed apps on a device:

<queries>
    <intent>
        <action android:name="android.intent.action.MAIN" />
    </intent>
</queries>

Since most Android apps have a launcher activity, doing the following returns all the apps installed in an android device:

getPackageManager().queryIntentActivities(new Intent(Intent.ACTION_MAIN), PackageManager.MATCH_ALL)

Isn't this a potential privacy loophole and almost equivalent to the very sensitive QUERY_ALL_PACKAGES permission? I see so many apps with this intent element under the queries element in their manifest files.

Improve this question

1 Answer 1

Reset to default
4

doing the following returns all the apps installed in an android device:

FWIW, that code returns activities, not apps.

Isn't this a potential privacy loophole and almost equivalent to the very sensitive QUERY_ALL_PACKAGES permission?

Yes, which is why I and others wrote about this years ago.

Bear in mind that Google (and other app distributors) could penalize developers for having overly-broad <queries> requests.

Improve this answer
2
  • The article was really helpful, thanks. Is it normal for apps to whitelist ACTION_MAIN in their manifest files? Most top apps in my region do this. Apart from the launcher apps to do this, I am trying to think of a legitimate case where say, an e-commerce app or an OTT app would need this. I fear most of these apps are using this loophole for user profiling and targeted advertising.
    – pb_
    Commented Mar 22 at 12:41
  • @pb_: "Is it normal for apps to whitelist ACTION_MAIN in their manifest files?" -- I have no idea, sorry.
    – CommonsWare
    Commented Mar 22 at 13:25

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.