Confirm
716
edits
Changes
→Differences between "data sources" and activities/intents
We haven't figured out the security aspects of exposing write access to the "contacts" data sources, without worrying that a rouge app could simply delete or corrupt all the user's contacts. A simple yes/no security dialog doesn't feel like enough to protect the user. So for now we are sadly relying on similar mechanisms that we use to protect TCPSocket and SD-card access, i.e. signatures from a trusted party.
We also haven't figured out to how to ensure that an app that has write access to contacts follows whatever format a contact should have.
So for v1 I would recommend to punt on "data sources".
