As I said previously, I don't want another application to be able to request access to data I'm storing for another application. Maybe I'm misunderstanding permissions, but from what I know, permissions must be declared in the AndroidManifest.xml file, so they cannot change, which means I would have to declare a permission for every application, and I don't necessarily know what applications will be connecting to mine.

On Aug 18, 2:11 pm, Dianne Hackborn <[email protected]> wrote:
> You get the uid of the caller with Binder.getCallingUid(). But usually you just use the context API to check a specific permission against the current calling uid.
>
> On Tue, Aug 18, 2009 at 1:21 PM, Jonathan Herriott <[email protected]> wrote:
> > Yeah, sorry, I just noticed the ability to get the Uid in IBinder.Stub. I didn't realize this at first since my interface calls functions on the Service, and I was checking the service for the permissions.
> >
> > *sigh*
> >
> > On Aug 18, 12:53 pm, Dianne Hackborn <[email protected]> wrote:
> > > You -can't- do this in onBind(), since for performance reasons the onBind() is called only once for each intent, so we don't need to do multiple IPC hops for each request (into the system and then into the service).
> > >
> > > And if what you are interested in protecting is an interface returned by onBind()... well then, you -have- an interface, which you can do all kinds of your own protecting by doing checks against incoming uids. For example, you could have 10 methods on the interface that use Context.checkCallingPermission() to allow access to each of them based on different permissions. Or you could have one method that serves as a factory, returning another interface, and in the factory method you do your permission check which will thus provide full access to the secondary interface.
> > >
> > > For content provider, you can do uid checks in any of the incoming calls. You can also protect the provider in the manifest with different read and write permissions, and in Donut you will be able to specify other permissions in the manifest for specific paths.
> > >
> > > I don't think we need a feature request. :)
> > >
> > > On Tue, Aug 18, 2009 at 12:37 PM, Jonathan Herriott <[email protected]> wrote:
> > > > Hi Dianne,
> > > >
> > > > Should I bother requesting this in b.android.com, since I would like to sandbox data for each application that connects to my service? As far as I can tell, there seems to be no way when receiving an intent in onBind() that will inform me of the uid of the calling application. Also, I would also like to be able to do the same thing in a ContentProvider, but again, there seems to be no function to obtain this information.
> > > >
> > > > Thanks,
> > > > Jonathan Herriott
> > > >
> > > > On Aug 18, 12:16 pm, Dianne Hackborn <[email protected]> wrote:
> > > > > There isn't any way to do this for a service, though you can find out the calling intent for an activity when the caller is waiting for a result. Most security is enforced in the system either by associating permissions with components in the manifest, or checking the uid of incoming IPC calls to services and content providers.
> > > > >
> > > > > On Tue, Aug 18, 2009 at 11:03 AM, Jonathan Herriott <[email protected]> wrote:
> > > > > > I was wondering if there is a way to determine who passed an intent to my application. For example, I have a service, that I want to act differently depending on who passed the intent (for security reasons). I'm trying to sandbox each calling application, so they only have access to their data stored in my application.
> > > > > >
> > > > > > For it to be secure, I cannot trust any application to be truthful about the identifying data it is passing into my service. Therefore, I need some system way of identifying who sent the intent in a way that the calling application cannot change that information. I don't know if it is possible, but I can't find anything in the Intent class, and I was wondering if there may be another structure which does what I want it to. If it is not possible, I would like to get some type of mechanism to do this in the roadmap.
> > > > > >
> > > > > > Thanks,
> > > > > > Jonathan Herriott
> > > > >
> > > > > --
> > > > > Dianne Hackborn
> > > > > Android framework engineer
> > > > > [email protected]
> > > > >
> > > > > Note: please don't send private questions to me, as I don't have time to provide private support, and so won't reply to such e-mails. All such questions should be posted on public forums, where I and others can see and answer them.
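
The per-call uid check described in the quoted replies, as an added example that is not part of the original thread: the service keys stored data by `Binder.getCallingUid()` inside each incoming transaction, so no per-application permission has to be declared in the manifest. The class name, transaction codes and in-memory store are assumptions made for illustration.

```java
import android.app.Service;
import android.content.Intent;
import android.os.Binder;
import android.os.IBinder;
import android.os.Parcel;
import android.os.RemoteException;
import java.util.HashMap;
import java.util.Map;

// Hypothetical service: each caller sees only the entries stored under its own uid.
public class SandboxedStoreService extends Service {
    // Hypothetical transaction codes; a client must use the same values.
    static final int PUT = IBinder.FIRST_CALL_TRANSACTION;
    static final int GET = IBinder.FIRST_CALL_TRANSACTION + 1;
    // uid -> (key -> value); the uid is never read from caller-supplied data.
    private final Map<Integer, Map<String, String>> stores = new HashMap<>();

    private final Binder binder = new Binder() {
        @Override
        protected boolean onTransact(int code, Parcel data, Parcel reply, int flags)
                throws RemoteException {
            if (code != PUT && code != GET) return super.onTransact(code, data, reply, flags);
            // Identity of the process that made this call; nothing in the Parcel can change it.
            int uid = Binder.getCallingUid();
            String key = data.readString();
            synchronized (stores) {
                Map<String, String> store = stores.get(uid);
                if (store == null) {
                    store = new HashMap<>();
                    stores.put(uid, store);
                }
                reply.writeNoException();
                if (code == PUT) {
                    store.put(key, data.readString());
                } else {
                    reply.writeString(store.get(key)); // null if this uid never stored the key
                }
            }
            return true;
        }
    };

    @Override
    public IBinder onBind(Intent intent) {
        return binder; // one binder for every client; the caller is identified per call
    }
}
```

Applications that declare the same `sharedUserId` run under one uid and would share a store in this sketch.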

