Hi, thanks for your reply, but I thought that an app's own data was usually put in a place in the file structure not directly visible to users. For example, at
Storage Options | Android Developers it says "You can save files directly on the device's internal storage. By default, files saved to the internal storage are private to your application and other applications cannot access them (nor can the user)." So I don't see that an app necessarily needs access to the user-visible file structure "to create a file for its own data".
On the same web page it also says: "Every Android-compatible device supports a shared 'external storage' that you can use to save files. This can be a removable storage media (such as an SD card) or an internal (non-removable) storage. Files saved to the external storage are world-readable and can be modified by the user when they enable USB mass storage to transfer files on a computer." It then goes on to mention the READ_EXTERNAL_STORAGE and WRITE_EXTERNAL_STORAGE system permissions.
It's hard to wrap one's head around the baffling idea of calling internal storage "external", but could this be saying that the user-visible file structure on the non-removable storage is treated the same as data on removable storage as far as access permission is concerned? Could it be that permissions like "modify/delete SD card contents" also control access to the former? But then again, the same web page also says "All applications can read and write files placed on the external storage". In that case, what on earth is the point of permissions like "modify/delete SD card contents"?
I find it troubling if all apps can access all the user-visible file storage. For example, say I'm using a word processor to create a personal document, and I save it to a folder in the user-visible file structure, then it would mean that every app could see it? Although this is obviously no worse than traditional PCs where the entire file structure is visible to all programs, it does rather seem to defeat the whole purpose of the Android permissioning and the supposedly freer approach to installation of software that this encourages. If I'm creating personal documents I definitely do NOT want some random app that I downloaded to be able to access them. Similarly for photos. These seem to get saved into the user-visible file structure too. Surely this doesn't mean that all apps can access my photos? Whoever would want to allow that?
If anyone could shed any further light on these points I would be so grateful. I feel very confused.