Being able to inject key events to any applications means you can effectively do anything the user can do -- you can start phone calls without them being involved, download and install applications without them being involved, etc.
This is not something we plan to support. On Apr 3, 5:03 pm, Peli <[EMAIL PROTECTED]> wrote: > What could go wrong with granting permissions to selected trustful > applications just like applications can be granted rights to > ACCESS_GPS, READ_CONTACTS, or RECEIVE_BOOT_COMPLETED? => > INJECT_KEY_EVENTS? > > Not that I'm asking for it (since I know of the time-constraints the > Android team has to deal with), but in principle, wouldn't it be a > more open strategy to allow technically whatever is possible as long > as access is controlled by permissions? > > Peli > > On Apr 3, 11:29 pm, hackbod <[EMAIL PROTECTED]> wrote: > > > We aren't allowing injection of arbitrary key events from third party > > applications. It's just too big a security hole. > > > On Apr 3, 1:47 pm, Peli <[EMAIL PROTECTED]> wrote: > > > > Another possible usage could be speech recognition (SR) - if this is > > > not covered by the Android framework itself: A SR application could > > > put text at the cursor position of another application, and thus > > > enable blind people to work with arbitrary applications - email, web > > > browser forms, proprietary forms, ... - not only those that have been > > > designed for the blind... > > > > Of course, it would be better to have native support for those but > > > that is not in sight yet... > > > > Peli > > > > On Apr 3, 9:27 pm, hackbod <[EMAIL PROTECTED]> wrote: > > > > > You are allowed to inject key events as long as the focus window they > > > > are going to is one that was created by a process with your own user > > > > ID. This allows instrumentation tests to drive the UI of the app they > > > > are testing (since the instrumentation is built against the test app, > > > > so runs with its own uid). > > > > > On Apr 3, 11:57 am, "Dan U." <[EMAIL PROTECTED]> wrote: > > > > > > Yeah, I agree. Huge security problem there. I can see where it might > > > > > come in handy for automated GUI testing, but not much else. > > > > > > On Apr 3, 9:35 am, hackbod <[EMAIL PROTECTED]> wrote: > > > > > > > No, we don't allow an application to inject key events that drive > > > > > > another app. Too big of a security hole. :) > > > > > > > On Apr 3, 7:45 am, dimenwarper <[EMAIL PROTECTED]> wrote: > > > > > > > > Yea, more or less I want one app of mine to serve as a proxy > > > > > > > actor to > > > > > > > another app. I don't see any of these in the docs or anywhere > > > > > > > else so > > > > > > > I'll probably have to implement a mini layer based on intents to > > > > > > > do > > > > > > > the job =| > > > > > > > > chrs, > > > > > > > dw > > > > > > > > On Apr 3, 12:36 am, "Dan U." <[EMAIL PROTECTED]> wrote: > > > > > > > > > You mean to make your app interact with another app? I don't > > > > > > > > think > > > > > > > > that's possible. > > > > > > > > > On Apr 2, 11:13 pm,dimenwarper<[EMAIL PROTECTED]> wrote: > > > > > > > > > > hey all! > > > > > > > > > > Does anyone know if there is any way to create and launch > > > > > > > > > events (such > > > > > > > > > as click and key events) via software (e.g. > > > > > > > > > createClickEvent(float x, > > > > > > > > > float y))? > > > > > > > > > > Rgrds, > > > > > > > > > dw- Hide quoted text - > > > > > - Show quoted text -- Hide quoted text - > > > - Show quoted text - --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] Announcing the new M5 SDK! http://android-developers.blogspot.com/2008/02/android-sdk-m5-rc14-now-available.html For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~----------~----~----~----~------~----~------~--~---
