My take-away from your comments is that a fundamental risk is security. I understand you have some technical reservations but that is for me to worry about:) You are of course correct that every APK executing in the host will have the same rights and abilities. Is your main concern that one or more of the APKs will take advantage of what is essentially privilege escalation? The risk of privilege escalation is obviously malware where an app sends SMS's and/or uploads private information. The challenge is to prevent or stop this kind of behavior. Is this analysis correct?
Kenneth On Dec 4, 1:10 pm, Mark Murphy <[email protected]> wrote: > On Sun, Dec 4, 2011 at 2:01 PM, klewelling <[email protected]> wrote: > > Thanks for the feedback. There are definitively security issues to > > work out. APKs can be multi-process which can be used to isolate the > > dynamic apks at runtime. > > Not really. The secondary process has all the rights and abilities of > the original process. > > > An application virtualization layer can be > > used to keep the apks from writing over each other's files > > Only by writing custom firmware, AFAIK. > > > and the > > APKs themselves can be vetted for malicious code and mis-behaving > > apps. > > If you say so. > > Having more social means of discovering apps is great, but not at the > cost of security. > > -- > Mark Murphy (a Commons > Guy)http://commonsware.com|http://github.com/commonsguyhttp://commonsware.com/blog|http://twitter.com/commonsguy > > Android Training...At Your Office:http://commonsware.com/training -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
