alt Hacker NewsMaybe there's a middle ground between "apps can't do this" and "uploading all your data to the developers without a permissions dialog or a popup"? Could we maybe design a system where this permission requires opt in consent like every other feature on Android? Third party apps access to the feature is the issue here.
The old API works this way. Random games requested the "access all files" permission. This was bad and the rest is history.
The better middle ground is the new (9 years old) SAF API. The SAF API simply presents a directory picker to the user. The user can give the app access to any directories he likes.