Since Android 6.0 (Marshmallow), Google shifted to a "Runtime Permission" model. Apps no longer get all permissions at installation; they must ask for them when needed. However, managing this as a user, and understanding it as a developer, is key to device security.
Normal vs. Dangerous Permissions
Android categorizes permissions into several protection levels. The two you see most often are:
- Normal Permissions: These are granted automatically because they pose little risk (e.g., accessing the internet, setting an alarm).
- Dangerous Permissions: These require explicit user approval via a popup dialog (e.g., Camera, Location, Contacts, Microphone).
One-Time Permissions
Recent Android versions (11+) introduced "One-time permissions" for location, microphone, and camera. This is a massive privacy win. If you select "Only this time," the app loses that privilege the moment you close it.
Pro Tip: Always select "Only this time" for apps you don't trust implicitly. It prevents background recording or tracking.
Permission Auto-Reset
Another hidden feature is Permission Auto-Reset. If you haven't used an app for a few months, Android will automatically strip all its sensitive permissions. You can check which apps have been reset by going to the "Privacy Dashboard" in your settings.