There's no hanging out today. Went to the interview, the details of which company will not say, because I in the previous blog marked the names of those companies, the result of people gave me a private messages that I leaked their problems. Well, I was wrong ...
In fact, when we were already at work. We can go to the side in spare time, because the interview has a lot of advantages:
1th: You know the detailed address of the company, and later talk with friends also have a topic
2nd: This is very important. Look at other companies ' face tests (some companies are still using the pen test.) I really have no words. The topic is all from the Internet, very no meaning. So I just have to see a pen test pass, personal feeling face to now, Ali and drip is still good. They will ask you the detailed questions they encountered in the project, ask you how to solve the problem, such an answer is not sure, test you is experience.
It says so much. Let's get to the point:
Title: How to do your own defined broadcasts in Android can only be received by the specified app
Idea: In fact, the first time I thought of the answer should be to give the radio access permission, but I have been to the activity of access to the permission, so here is not sure right, but I feel that the four components of Android should be the same. Rub, the result was I was blindfolded.
haha ~ ~
We use the API form in Android, or we can use the ADB command to open an app's activity/service externally and send a broadcast. So this is very insecure for an application. That is, permissions are a protection mechanism.
Solution Ideas:
In fact, there is no technology to say, is that Android can define their own permissions, for the four components of the interview plus a layer of protection, not much to say, directly on the code:
Send broadcast:
Package Com.tt.test;import Android.app.activity;import Android.content.componentname;import android.content.Intent Import Android.os.bundle;import Android.view.view;import Android.widget.button;public class Main extends Activity { @Override public void OnCreate (Bundle savedinstancestate) { super.oncreate (savedinstancestate); Setcontentview (r.layout.main); (Button) Findviewbyid (R.id.button)). Setonclicklistener (New View.onclicklistener () {@Overridepublic void OnClick ( View v) { Intent i = new Intent ("COM. MESSAGE "); I.addcategory ("receiver"); I.putextra ("message", "haha"); Sendorderedbroadcast (i, "xvtian.gai.receiver");}});}}
Androidmanifest.xml:
<uses-permission android:name= "Xvtian.gai.receiver" ></uses-permission> <permission android: Protectionlevel= "Normal" android:name= "Xvtian.gai.receiver" ></permission>
Receive broadcast:
Package Com.tt.receiver;import Android.content.broadcastreceiver;import Android.content.context;import Android.content.intent;import Android.util.log;public class Receiver extends Broadcastreceiver {@Overridepublic void OnReceive (context context, Intent Intent) {log.d ("TAG", "Receiver Intent:" + intent.tostring ());}}
Androidmanifest.xml
<uses-permission android:name= "Xvtian.gai.receiver" ></uses-permission>
<receiver android:name= ". Receiver "android:permission=" xvtian.gai.receivers "> <intent-filter> <action android:name=" Com. MESSAGE "/> <category android:name=" receiver "/> </intent-filter></receiver>
It's simple, no matter what the technology is. In the same way we are able to protect other components of the rights (may use more than the activity access to join the rights), of course, I generally develop the application does not seem to use these things, but if you want to learn, should go to those who do security applications, such as the 360 mobile phone defender. After the decompile, open his Androidmanifest.xml file. You'll be shocked, and you can learn a lot at the same time. haha ~ ~
Demo:
http://download.csdn.net/detail/jiangwei0910410003/7973867
How to do your own defined broadcasts in Android can only be received by the specified app