[Secure Programming in Android] kernel #00-do not store unencrypted sensitive information in external storage (SD card)

 

Android provides several options for storing persistent application data, one of which is external storage (/sdcard,/mnt/sdcard ). External Storage includes a micro-or standard-sized SD card inside the device, an Android device memory card mounted to the PC, and an Android/obb directory.

In versions earlier than Android, the files stored in external storage are world-readable (which can be read by any user) and world-writable (which can be written by any user ). From Android4.1 to Android4.3, when an app wants to write data to any file in external storage, it only needs to declare the WRITE_EXTERNAL_STORAGE permission in the AndroidManifest file. However, from Android4.4, a directory-based Group Creation and file mode is introduced, which enables an app to have the read and write permissions on files only under the directory named by its own package name in external storage. Non-system-level apps are only allowed on Android/data/ . Therefore, the read and write permissions of each app are independent and cannot be accessed from each other.

Due to the insufficient access permissions described above, the files written to external storage may be modified and read by different apps on the same device (versions earlier than Android 4.4 ).

Android API Guide [Android Guild 2013] provides the following warning about Storage Options: If you mount or directly remove external Storage to a PC, external Storage will become unavailable, there are no security measures to ensure that files are stored in external storage. All applications can read and write files stored in external storage, and users can delete them at will.

Developers should not store unencrypted sensitive information in external storage, because external storage files cannot guarantee availability, integrity, and confidentiality.

[Sample code that does not meet security requirements]

The following code creates a file in the external store and stores sensitive information.

 

private String filename = myfile private String string = sensitive data such as credit card numberFileOutputStream fos = null; try {  file file = new File(getExternalFilesDir(TARGET_TYPE), filename);  fos = new FileOutputStream(file, false);  fos.write(string.getBytes());} catch (FileNotFoundException e) {  // handle FileNotFoundException} catch (IOException e) {  // handle IOException} finally {  if (fos != null) {    try {    fos.close();    } catch (IOException e) {    }  }}

 

[Concept verification]

The file directory structure of an application that is generally stored in external storage is as follows:

 

/sdcard/Android/data/com.company.app/files/save/appdata/save_appdata

 

[Security-compliant solution #1 save the file to internal storage]

The following code creates a "myfile" file in the data directory of the application using the openFileOutput () method, and sets the access permission to MODE_PRIVATE, so that other apps cannot access the file.

private String filename = myfileprivate String string = sensitive data such as credit card numberFileOutputStream fos = null; try {   fos = openFileOutput(filename, Context.MODE_PRIVATE);   fos.write(string.getBytes());   fos.close();} catch (FileNotFoundException e) {  // handle FileNotFoundException} catch (IOException e) {  // handle IOException} finally {  if (fos != null) {    try {      fos.close();    } catch (IOException e) {    }  }}

[Security-compliant solution #2]

Before saving an object to external storage, encrypt the object content.

 

-- Welcome to reprint, please indicate the source of http://blog.csdn.net/asce1885, do not use for commercial purposes without my consent, thank you --