• [deleted]

  • Post #6
  • Edited

We really should not be recommending GCam-services-provider anymore. It's highly fragile, it re-uses the official GSF app ID, it breaks signature checked APIs which will occur when other apps see "fake GSF", etc.

Just install Google Services Framework (GSF) from our Apps app. It not only makes GCam work, it can also make other apps work that depend on GSF just fine. GSF doesn't use network and can be revoked with zero issues.

MetropleX I have GSF, Play services, and the Aurora store, but not the Play store.

    matchboxbananasynergy I do not even know what the Gcam Services Provider is. I had installed the sandboxed GSF/Play Services like you describe.

    Could someone explain to me what is the Gcam service provider? Did I inadvertently install it without understanding how?

        Mattias It is likely that Google Camera can communicate with Google Play Services via mutual consent. If you are allowing Network access to Google Play Services, that's a "way out".

        You can install GSF and Google Camera in a different profile if you're worried about that, and you can use a USB drive to transfer the images between profiles, or utilize a cloud storage provider and use Cryptomator to encrypt them.

        Edit: My previous comments about Gcam Services Provider was a reply to another post, not your initial question. Apologies if that was unclear.

          Mattias I'm also concerned about the very broad 'Files and Media' permission. On iOS there are a couple permissions: 'Add media only' where the app cannot read existing media, and 'Selected media only' where you can pick individual photos to be accessible to an app. How can I achieve such granular control?

          Hi Mattias, thanks to strictly enforced scoped storage on Android 12.1 you can know for certain what files have access to, apps that use storage but just their own private area will not require use of the Files and Media Permission.

          Apps such as GCam will be restricted to access MEDIA only under the permission model. This tends to also be the case with apps targeting up to date API/SDK levels in regards to Gallery apps etc and this will be outlined under the permission tab for Files and Storage as MEDIA ONLY.

          If you take SimpleMobileTools Gallery as an example though under the same Files and Storage Permission you will find 3 options: Don't Allow, Allow access to media only, Allow management of all files.

          It is the latter, Allow management of all files, which is the one to be wary of, any app requiring (MANAGE_EXTERNAL_STORAGE), under Android 12.1 should be limited to:

          File managers
          Backup and restore apps
          Anti-virus apps
          Document management apps
          On-device file search
          Disk and file encryption
          Device-to-device data migration

          Any app other than that is likely targeting an outdated SDK and/or malicious. Even then apps within that list should be treated with caution if granting said management of all files element of the Files and Storage permission.

              MetropleX Thanks for that info. Now I understand what those permissions do, but I am still concerned about restricting which photos are accessible to a given app. For example if I want to send a photo through a messaging app, how do I do that without giving the app access to EVERY photo?

                  Mattias You could use an app like Cryptomator to store your images in an encrypted vault and only leave in storage the image you need. I'm sure there are other solutions but that's what I can think of right now. Will get back to you further if I think of anything further.

                    Mattias If we take Signal as an example, you can deny it any kind of storage access (via permissions), then go into your Gallery app and share the image that you need with Signal in order to send it. That way, Signal cannot see any other photos, except for the one that you share with it.

                        Mattias Unfortunately, Android doesn't have a way to natively do this yet, but when Android 13 rolls out and apps get updated for that API level, they will have the option of showing a selective photo picker, similar to that in iOS. Read here for info about how this feature will work. It seems like this is exactly what you want, so while it isn't exactly a solution for right now, apps should begin getting updated for this within a few months after Android 13's rollout. Hope that helps!

                          7 days later
                          2 months later

                          matchboxbananasynergy
                          Sorry for bumping an old thread. I have a question about this. This method you described work with Signal but not with Facebook messenger Lite? With Signal I can revoke all permissions but still share select images from the gallery. With messenger I come to the step where I choose what contact to send to, and I get an error message: "Unable to send file".

                              5 months later

                              TrustExecutor checking on messenger (not lite) it request access to all fotos even if you share from the gallery. which is not very surprising considering facebook EtHiCs.

                                4 months later