launcher/docs/security.md

+++
  weight = 30
+++

# Security Considerations

In order to launch apps, μLauncher obtains a list of all apps installed on the device.
This includes apps from other profiles such as the [private space](/docs/profiles/#private-space)
and the [work profile](/docs/profiles/#work-profile).

μLauncher aims to be minimal software. Functionality that can be provided
by other apps[^1] is not integrated into μLauncher itself,
thus allowing user to install only what they need.

[^1]: For example [daily wallpapers](/docs/examples/wallpapers/)

{{% hint info %}}
μLauncher does **not connect to the internet**.[^2]
Functionality that would require an internet connection will not be implemented.
In particular, μLauncher contains no ads and no trackers.
{{% /hint %}}

[^2]: Certain functions, such as the buttons in the meta section may prompt the browser
to open a website, but μLauncher itself does not open internet connections.


## Requested Permissions

μLauncher requests several permissions:

 *  [`android.permission.REQUEST_DELETE_PACKAGES`](https://developer.android.com/reference/android/Manifest.permission#REQUEST_DELETE_PACKAGES)
 *  [`android.permission.QUERY_ALL_PACKAGES`](https://developer.android.com/reference/android/Manifest.permission#QUERY_ALL_PACKAGES)
 *  [`android.permission.ACCESS_HIDDEN_PROFILES`](https://developer.android.com/reference/android/Manifest.permission#ACCESS_HIDDEN_PROFILES)
 *  [`android.permission.EXPAND_STATUS_BAR`](https://developer.android.com/reference/android/Manifest.permission#EXPAND_STATUS_BAR)
 *  [`android.permission.POST_NOTIFICATIONS`](https://developer.android.com/reference/android/Manifest.permission#POST_NOTIFICATIONS)
 *  [`android.permission.BIND_ACCESSIBILITY_SERVICE`](https://developer.android.com/reference/android/Manifest.permission#BIND_ACCESSIBILITY_SERVICE)
 *  [`android.permission.BIND_DEVICE_ADMIN`](https://developer.android.com/reference/android/Manifest.permission#BIND_DEVICE_ADMIN)


### Accessibility Service

μLauncher's accessibility service can be used to lock the screen and
to open the list of recent apps.

{{% hint danger %}}
Enabling μLauncher's accessibility service grants excessive permissions to the app.
Do not enable the accessibility service if you don't need it.
Before enabling, make sure that you obtained your copy of μLauncher from a source you trust.
The official sources can be found [here](https://launcher.jrpie.de/).
{{% /hint %}}

Due to [Accrescent's policy](https://accrescent.app/docs/guide/publish/requirements.html#androidaccessibilityserviceaccessibilityservice) on accessibility services,
the version of μLauncher published on Accrescent does not contain an accessibility service.


### Device Administrator Permissions

Device Administrator permissions can be used for locking the device as an alternative to using the accessibility service.
This is the preferable option, as the required permissions are far less intrusive.
However, this method is (ab)using an API intended for emergency situations,
hence unlocking using weak authentication methods (fingerprint, face detection)
is not possible.

## Crash Reports

For privacy reasons, μLauncher does not collect crash reports automatically.
However, crash reports help a lot for debugging issues. Thus when a crash occurs,
μLauncher shows a notification allowing the user to share the report voluntarily.
When sharing a crash log, please make sure that it doesn't contain personal information.

## Reporting Security Issues

For security related issues, please use the contact information
from the [security.txt](https://jrpie.de/.well-known/security.txt) on my website
or [report a vulnerability](https://github.com/jrpie/Launcher/security/advisories/new) on github.

{{% hint danger %}}
Please do not report security issues using github's issue feature!
{{% /hint %}}