Hi all,
using this code:
PackageManager pm = getPackageManager();
try
{
PackageInfo info = pm.getPackageInfo(getPackageName(),
64);
Signature [] sig = info.signatures;
sigstring = new String(sig[0].toChars());
}
catch (Exception e)
{
e.printStackTrace();
}
return sigstring;
I can get signature of every package in the system.
How can I deny other apps (except my apps and Android system) to read
my package signature?
I want to make sure it is original app, not changed by hacker (i.e.
signed by my own private key) when run. But for now I see that hacker
can easily patch my code by embedding signature, he read from my
original package.
Maybe there is another way to make sure package is original?
--
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en
