I. Issues to be addressed
Some APIs have signature parameters (signature), the passport first verifies the signature, and the validation passes before the implementation method is executed.
The first implementation method (Origin): The code that writes the checksum in the interface that requires the signature
be defined with a node. As follows: android:icon= "drawable resource" Android:label= "string resource" android:name= "string" android:permissiongroup= " String " android:protectionlevel=[" Normal "| "Dangerous" | " Signature "| "Signatureorsystem"]/>For example, a activity could be protected as follows:Manifest. . . > PermissionAndroid:name= "Com.example.project.DEBIT_ACCT" . . . /> uses-permissionAndroid:name= "Com.example.project.DE
understand the digital certificate of Android, you must first understand the concept of the digital certificate and the digital certificate mechanism of Java.
4. Benefits of using the same digital certificate for the program
(1) conducive to program upgrade
When the new version of the program and the old version of the program's digital certificate are the same, the android system will think that the two programs are different versions of the same program. If the digital certificates of the
Android permission implementation, Android permission implementation
1. Permission
Each program is installed with a System ID, such as app_15, to protect data from being obtained by other applications. Android assigns different permissions to different users and groups, such as accessing the SD card and accessing the network. The underlying layer maps to Linux
certificate concepts and Java digital certificate mechanism.4. Benefits of using the same digital certificate for the program(1) facilitates program upgradewhen the new program and the old version of the program's digital certificate, the Android system will consider the two programs are different versions of the same program. If the new program and the old version of the digital certificate is not the same, then the Android system think they are different programs, and create a conflict, will
resources. However, Android applications can request permissions through the manifest file of the application.
Android applications allow other applications to access their resources by doing the following:
Declare appropriate manifest Permissions
The program runs in the same process as other trusted applications to share access to their data and code.
The latter is shown in figure 2.
Two Android applications run in the same process
Different applications can run in the same process. For this
application. Here are a few reasons to do this:
Application upgrade-When you upgrade your application, you need to sign the same certificate if you want the user to upgrade smoothly. When the system installs an upgrade application, the system will not allow the upgrade if the new version of the certificate matches the old version of the certificate. If you have not signed the appropriate certificate for the version, you will need to specify a new package name for the application when y
To read security-sensitive items, the program must declare related permission requests in androidmanifest. xml. The complete list is as follows:
Android. permission. ACCESS_CHECKIN_PROPERTIESAllow read/write access to the "properties" table in the checkin database. You can modify the value of the table (Allows read/write access to the "properties" table in the checkin database, to change values that get upl
If you have used LS under Linux, careful you will find that the directory has executable permissions! Such as:DRWXRWXR-X CL cl 4096 September 25 14:22.DRWXR-XR-X CL cl 4096 October 10 16:00. /Drwxrwxr-x 5 CL cl 4096 September 10:58 algorithm/Drwxrwxr-x 2 CL cl 4096 September 21:44 temp/Why?? Check on the Internet to find that is the meaning:The executable permission of the directory indicates whether you can execute commands under the directory. If th
certificate does not need to be authenticated by an authority. It is a digital certificate generated by the developer, that is, a self-signed certificate.
In the simulator development environment, programs uploaded through the ADB interface during development will be automatically signed with the debug permission before being passed to the simulator. As shown in, the eclipse menu window-> preferences-> Android-> build shows our default
applications. Or It can define its own. A new permission is declared with The NBSP;ELEMENT.NBSP; An application can also be used permissions protects its own components by using an Android-defined or other application-defined permissions, If you want to define a new permission, you can use nodes to define. As follows: android:Description="string Resource" android:icon="drawable R
. Even if the package name is the same, the impact may be:1) app upgrade. Upgrade software with the same signature can normally cover older versions of the software. Otherwise, the system will find that the new version of the signature certificate is inconsistent with the old version of the signature certificate, and the new version is not allowed to be installed
. Otherwise, the system will find that the new version of the signature certificate is inconsistent with the old version of the signature certificate, and the new version is not allowed to be installed successfully. 2) app Modularization. The Android system allows identical apps to run in the same process. If they run in the same process, they are equivalent to the same app, but you can upgrade them separa
same certificate for signature. This is because only the same certificate signature is allowed to install the upgraded application. If you use different certificates, the system requires your application to use different package names. In this case, it is equivalent to installing a brand new application. If you want to upgrade the application, the signature cert
When I tested TCP transmission today, I found that the client could not receive the data all the time. I found that I forgot the internetaccess permission when I went online! When writing Android programs, you will often forget to add permissions. The following are information about androiduses-Permission collected on the Internet for ease of searching ~Android. Permiss
application, even if the package name is the same, so the impact is: 1) app upgrade . Upgrade software with the same signature can gracefully overwrite the old version of the software, or the system will find that the new version of the signing certificate and the old version of the signing certificate is inconsistent, does not allow the new version to be installed successfully. 2) App modularity . The Android system allows the same app to run in t
software with the same signature can gracefully overwrite the old version of the software, or the system will find that the new version of the signing certificate and the old version of the signing certificate is inconsistent, does not allow the new version to be installed successfully. 2) App modularity . The Android system allows the same app to run in the same process, and if it's running in the same process, they're equivalent to the same app, b
Django permission mechanism implementation code details, django permission mechanism details
This article focuses on the Django permission mechanism.1. Django permission mechanism Overview
The permission mechanism can constrain user behavior, control the display content of t
Android Digital Signature Learning Note Posted on2010-01-17 18:38Feisky Reading (20834Reviews4) Edit FavoritesIn an Android system, all applications installed to the system must have a digital certificate that identifies the author of the application and establishes a trust relationship between the applications, if a permission ProtectionLevel is signature, Then
Reprint: http://www.cnblogs.com/shipengzhi/articles/2716004.html One, the problem to be solved
Some APIs have signature parameters (signature), the passport first verifies the signature, and the validation passes before the implementation method is executed.
The first implementation method (Origin): The code that writes the checksum in the interface
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.