Effects and Ramifications

Certain types of apps will be able to cope using the whitelist mechanism. Launchers, for example, will be able to request, via the whitelist, to be able to see all MAIN/LAUNCHER activities, and be able to function more or less as before. Similarly, integration between a known pair of apps — such as the client binding to the service described above — can be whitelisted, since those apps are known in advance.

Apps that need flexibility across both whitelist axes — needing to know about arbitrary components in arbitrary packages — are in deep trouble. While QUERY_ALL_PACKAGES offers an escape hatch, it is a risky one for apps distributed via the Play Store. For example, various types of anti-malware apps need that sort of flexibility. In theory, these apps should be eligible for QUERY_ALL_PACKAGES usage. In practice, unless you have a deep relationship with Google, you need to assume that your app will be targeted for removal.

To see all of this in action, the QueryPackages sample module in the book’s sample project has a UI that lists the outcomes of the following sorts of calls on PackageManager:

These are then presented in a long scrolling list with section headers, courtesy of RecyclerView and MergeAdapter.

The project also has five product flavors, for different scenarios:

| Flavor | targetSdkVersion | <queries> Setup | Requests QUERY_ALL_PACKAGES? |
| --- | --- | --- | --- |
| alfa | 29 | none | no |
| bravo | 30 | none | no |
| charlie | 30 | <package> | no |
| delta | 30 | <intent> | no |
| echo | 30 | none | yes |

The impact of the package visibility changes only kicks in once your targetSdkVersion rises to 30 or higher. So, if you run alfa on an Android 11 device, you will see the full range of results, but if you run bravo, you only see pre-installed applications and their components. It is unclear if this is the long-term subset that you will be able to see by default, and it is also unclear to what extent device manufacturers can tweak this behavior.

The other three flavors opt into seeing more things.

The charlie flavor wants to be able to see the ForensicPathlogist module’s package, from a sample profiled in another chapter:

<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
  package="com.commonsware.android.r.query">

  <queries>
    <package android:name="com.commonsware.android.r.forensics" />
  </queries>

</manifest>

If you have that app installed, it will appear in the list of installed apps, installed packages, and launcher activities.

The delta flavor wants to be able to see apps with launcher activities:

<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
  package="com.commonsware.android.r.query">

  <queries>
    <intent>
      <action android:name="android.intent.action.MAIN" />
      <category android:name="android.intent.category.LAUNCHER" />
    </intent>

  </queries>

</manifest>

And, indeed, if you run that flavor, you will see those activities show up in the list of launcher activities. However, in Android 11, those apps also show up in all the other lists, as appropriate. Since most apps have a launcher activity, this particular <queries> setup largely reverses the restrictions placed here by Android 11.

The echo flavor requests QUERY_ALL_PACKAGES, just as a regular permission:

<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
  package="com.commonsware.android.r.query">

  <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES" />

</manifest>

Running that flavor appears to give you the same results as does the alfa flavor, where our targetSdkVersion is still 29.

So, if Google allows you to hold QUERY_ALL_PACKAGES (for apps distributed on the Play Store), you will be able to have the same behavior on Android 11 as you would on older devices. But, if you can live with just being able to opt into seeing user-installed apps with launcher activities, the <queries> structure seen in the delta flavor grants that, without QUERY_ALL_PACKAGES… assuming that Google does not change anything in future Android 11 updates.
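For anyone reviewing manifests rather than writing them, the flavor comparison above can be turned into a small audit script. This is an added example, not code from the book's sample project: audit_visibility, the level names and the SAMPLES dictionary are hypothetical, and the inputs are condensed copies of the flavor manifests shown above. It reads the manifest only, so the targetSdkVersion difference between alfa and bravo (which lives in the Gradle build) is not covered.

```python
import xml.etree.ElementTree as ET

NAME = "{http://schemas.android.com/apk/res/android}name"
LEVELS = ["default", "targeted", "launcher-wide", "all-packages"]  # narrow to broad


def audit_visibility(manifest_xml):
    """Return (level, findings) for the visibility requests in one manifest."""
    root = ET.fromstring(manifest_xml.strip())
    rank, findings = 0, []
    for queries in root.findall("queries"):
        for pkg in queries.findall("package"):
            findings.append("package " + pkg.get(NAME, "?"))
            rank = max(rank, 1)
        for intent in queries.findall("intent"):
            actions = {a.get(NAME, "?") for a in intent.findall("action")}
            cats = {c.get(NAME, "?") for c in intent.findall("category")}
            findings.append("intent " + "/".join(sorted(actions | cats)))
            launcher = ("android.intent.action.MAIN" in actions
                        and "android.intent.category.LAUNCHER" in cats)
            # Per the text above, MAIN/LAUNCHER exposes most installed apps.
            rank = max(rank, 2 if launcher else 1)
    for perm in root.findall("uses-permission"):
        if perm.get(NAME) == "android.permission.QUERY_ALL_PACKAGES":
            findings.append("permission QUERY_ALL_PACKAGES (Play Store review risk)")
            rank = 3
    return LEVELS[rank], findings


# Sample inputs: the flavor manifests from this page, condensed onto fewer lines.
WRAP = ('<?xml version="1.0" encoding="utf-8"?>\n'
        '<manifest xmlns:android="http://schemas.android.com/apk/res/android" '
        'package="com.commonsware.android.r.query">%s</manifest>')
SAMPLES = {
    "bravo": WRAP % "",
    "charlie": WRAP % ('<queries><package '
                       'android:name="com.commonsware.android.r.forensics" />'
                       '</queries>'),
    "delta": WRAP % ('<queries><intent>'
                     '<action android:name="android.intent.action.MAIN" />'
                     '<category android:name="android.intent.category.LAUNCHER" />'
                     '</intent></queries>'),
    "echo": WRAP % ('<uses-permission '
                    'android:name="android.permission.QUERY_ALL_PACKAGES" />'),
}

if __name__ == "__main__":
    for flavor, xml_text in SAMPLES.items():
        print(flavor, *audit_visibility(xml_text))
```

A "launcher-wide" result deserves the same scrutiny in review as "all-packages", since the delta setup brings most user-installed apps back into view without the permission.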



This book is licensed under the Creative Commons Attribution-ShareAlike 4.0 International license.