Android permission 3: Share UID and signature

Source: Internet
Author: User

Shared uid

Every androidpackage (.apk) installed on the device is assigned to a unified Linux User ID and a sandbox is created for it to prevent other applications (or other applications) from being affected ). The User ID is assigned when the application is installed on the device and remains permanently on the device.

With the shared user ID, multiple APK with the same user ID can be configured to run in the same process. by default, the system can access any data from each other. you can also configure to run different processes and access the databases and files in the data directory of other APK files. just like accessing the data of this program.

For an APK, to use a shared uid, you must take three steps:

1. Add the Android: shareduserid attribute to the manifest node.

2. Add the local_certificate definition in Android. mk.

If the above attribute is added but the local_certificate corresponding to it is not defined, the APK cannot be installed. The error message is: Package com. Test. mytest has no signatures that match those in shared user Android. uid. system; ignoring! That is to say, only two application signatures with the same signature and the same shareduserid tag will be assigned the same user ID. For example, if all media/download related APK files use Android. Media as shareduserid, they must have the same signature media.

3. Put the APK source code under the packages/apps/directory and compile it with MM.

For example.

All android. UID. the system will first add Android: shareduserid = "android. UID. system ", and then in Android. add local_certificate: = platform to MK. For more information, see settings.

All android. UID. for shared uid APK, Android: shareduserid = "android. UID. shared ", and then in Android. add local_certificate: = shared in MK. For more information, see launcher.

All android. media will add Android: shareduserid = "android. media ", and then in Android. add local_certificate: = media to MK. See Gallery.

 

In addition, any file created by the application will be assigned the user ID of the application and cannot be accessed by other packages normally. When getsharedpreferences (string, INT), openfileoutput (string, INT), or openorcreate database (string, Int, sqlitedatabase. cursorfactory) when creating a new file, the developer can simultaneously or separately use the mode_world_readable and mode_world_riteable labels to allow other packages to read/write this file. After these flags are set, the file still belongs to its own application, but its global read/write and read/write permissions have been set, so any other application can see it.

 

 

 

 

Signature:

 

There are four default signatures in the build/target/product/security directory for Android. mk to compile the APK:

1. testkey: Common APK, which is used by default.

2. Platform: This APK completes some of the core functions of the system. After access to the existing folders in the system, the UID of the process in which the APK is compiled is system.

3. Shared: the APK needs to share data with the home/contacts process.

4. Media: This APK is a part of the Media/download system.

The android. mk of the application contains a local_certificate field, which specifies the key used for signature, and testkey is used by default if not specified.

 

 

 

 

 

Reference:

 

How to modify the system time in Android (the application obtains system permissions)

Http://blog.csdn.net/liujian885/archive/2010/03/22/5404834.aspx

Android-shareduserid data permission

Http://wallage.blog.163.com/blog/static/17389624201011010539408/

Runtime.exe C permission problems

Http://blog.csdn.net/yihua0001/archive/2010/07/23/5758980.aspx

About Signature

Http://blog.csdn.net/duandianGG/archive/2010/07/21/5752568.aspx

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.