Why does the AOSP phone app need camera permissions?

collector

It should only need Phone and Contacts permission. Maybe sensors too for the proximity sensor. But why does the phone app also needs comera, sms and, location permissions.

User11

collector For the experiment to be fluid on the stock OS. Not everyone wants to go take a look in the privacy settings. If a user wants to share their position live or switch from voice to video it is fluid.

de0u

collector I think carriers communicate voicemail-waiting status via text messages.

collector

But can is it possible to do that in the phone app?

de0u

collector If you call somebody with the same carrier, and the carrier supports video calling, it may show up as an option during a call (I have had that happen). For that to work the phone app needs camera access.

User11

collector Google's Phone app is based on it

collector

so it's probably fine to deny it right? Currently I'm setting up my phone to give apps the absolute minimum permissions they could need.

de0u

collector Disabling apps that ship with the system, or removing permissions from them, or disabling certificates that ship with the system, is not recommended. This is a good way to, months later, encounter puzzling failures that nobody else is familiar (which will be difficult to fix because the memory of what was disabled is gone). In some cases (disabling the built-in keyboard) it is possible to permanently lock oneself out of the device, requiring a factory reset. Overall, disabling built-in things that seem unnecessary is a good way to end up needing to start over from scratch.

I would suggest not disabling / restricting anything that ships with the system before carefully reading the source code for that thing and anything that invokes it.

N1b

collector so it's probably fine to deny it right?

As @de0u explained it's not fine (and you'll find a lot of other threads on this forum where mods and devs very actively advise against changing system app permissions). While it looks reasonable at first to go the absolute minimal route with permissions, there are good reasons those permissions are given in the first place (and not given for every non system app you install later on). The "added security" is instantly crushed by the potential bugs or crashes you might cause, which can open other security holes. All system apps are open source and pretty minimal, so I wouldn't worry about them. And the trouble you set up for yourself and the devs (if you post about the self inflicted bugs here later on) is simply not worth it in my opinion.

The way I see it is this: If you trust the GOS devs by using their system over other AOSP flavors, you should trust the out of the box setup for the system apps. If you don't trust the system app setup, you shouldn't trust the entire system.

Last but not least: I always recommend you take some time to do some basic threat modeling first. The system apps will then be your very last destination for highest level threat models, alongside removing camera hardware (also not recommended). There are most likely more effective things you can do for your personal privacy and security. For me that's definitely the case as long as I'm using an eSIM and banking apps for example.

I Hope this helps you on your journey. I was very much into fiddling with this kind of stuff as well in the beginning and realized I'm fighting the wrong battles. Focus on the actual threats that matter to you and enjoy life in the time you save by ignoring the rest. :)

other8026

collector as de0u and N1b already said, it's not a good idea to mess with system apps' permissions and other apps.

It's not an understatement to say modifying permissions for certain apps can result in unexpected behavior. I don't know if that's the case for the phone app, but there's no reason to modify its permissions anyway.

collector

Oh I didn't mean disabling the phone app just the permission apart from sms, contacts and calling stuff (call logs, mic, nearby devices) and notifications.

Edit: I misread the post originally so ignore my previous comment

MetropleX

As above, @collector it doesn't make sense to view OS components the way you are. This is not a third party app, it's part of the OS.

The permissions being listed only appears in the permission manager because this component is implemented with the app runtime. The lower level parts of the OS don't appear there. Trying to disable apps or permissions for system components based on a high and narrow interpretation doesn't make sense when it would break more than what you perceive it to represent.

Camera would be included in the dialer for example for use of VILTE (VIdeo over LTE) where provisioned. You can see the provision toggle under *#*#4636#*#* then Phone Info as just one example where the system would handle the video and not a third party app.

As for location, this is part of implementing supporting for carriers and cellular. This component being able to work with information about the cellular network and carrier counts as being location data which requires the Location permission.

It's the implementation of https://en.wikipedia.org/wiki/IP_Multimedia_Subsystem

Examples of global standards based on IMS are MMTel which is the basis for Voice over LTE (VoLTE), Wi-Fi Calling (VoWIFI), Video over LTE (ViLTE), SMS/MMS over WiFi and LTE, USSD over LTE, and Rich Communication Services (RCS)