On Tue, Nov 16, 2010 at 11:44 AM, daniela <[email protected]> wrote: > Dear all, > > I would like to add some additional static checking of apps probably > within the Dalvik verifier. Alternatively, I may add checks to other > security related > parts of the Android platform. > I have been struggling to find detailed documentation for the > architecture and implementation of the Dalvik VM (except for the code > itself). > > Could you please point me to any useful information on the subject or > possibly to specific places in the code where I could do some static > analysis or > add some other additional checking of the security properties of apps? > > Thank you very much indeed! > Daniela >
Daniela, What aspects would you like to verify is probably the most important question. 2nd most important one is: Are you trying to do it for your application or for other applications too? About the latter, I am not sure, whether you will be able to achieve this from an application. What would make your application special that the APIs or the system would grant you access to other apps? What I am saying is that leaving such functionality open could pose security concerns. To achieve this in your application, have a look at Guice: http://code.google.com/p/google-guice/wiki/AOP ...and its flavour for Android: http://code.google.com/p/roboguice/ Also have a look at classes in following packages: dalvik.* security.* Daniel -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
