App Development

Android N: Scoped Directory Access Overview

For years, Android has been improving its file storage system. With each new release, developers have been provided with new and updated APIs to work with. From improved security measures to maintaining users privacy, the Android file system (and how developers can access it) continues to evolve. Of course, Android N continues this tradition.

In the past, when a developer wanted to save a file, there were really only two options available. The first way is to save the file inside of your app’s private data directory. This solution works fine for most use cases, but it does mean that only that app will be able to access the file. So what if you want to save a file to an external directory that your users can access outside of your app? This question brings us to the second method: accessing the device’s external storage.

Before Android N, developers had two permissions they could use to request access to external storage: READ_EXTERNAL_STORAGE and WRITE_EXTERNAL_STORAGE. As the names imply, they allow the app to read and write absolutely any file on external storage. While this system does work, it is understandably scary for many users. It can be unsettling to trust an app with access to all of your external files. Android N provides a new mechanism for accessing files called Scoped Directory Access which aims to solve this problem.

With Scoped Directory Access, developers have the ability to request access to only one specific directory in the device’s file system. The list of possible directories is defined by the system, and currently includes: Music, Podcasts, Ringtones, Alarms, Notifications, Pictures, Movies, Downloads, DCIM, and Documents.

When the request for access is made, the system will check if the permission has already been granted. If the app does not currently have permission to access that specific directory, the user will receive an alert dialog requesting permission, just like newest permission dialogs added in Marshmallow. Once the app has been granted permission, it can continue to read and write from that directory (and only that directory) without repeatedly prompting the user. There is even an API for requesting the same directory specific access on removable media, such as SD cards and USB drives. (Note: When access is granted to a directory, the app also gains access to all of the subdirectories within that directory.)

Android N is a major step forward in the progression of Android file system access. Scoped Directory Access combined with the ability to turn individual permissions on and off from Marshmallow gives the user a tremendous amount of control over any apps behavior. Once N is released publicly, android users will be empowered to control their own security at a finer level.

For more information, check out the documentation here:

Security Scanning and Automation in a CI/CD Pipeline: Being Proactive In Security

Exposition How do we make our applications more secure upon release? Over the...

Read the article