Thanks, Chris. I understand your point about JNI and reflection. I don't have solution for JNI but for reflection, I think we can use static analyzer to see if it's been used to load certain classes or make calls to certain methods.
What I don't know about is, "constructed intent". Could you please elaborate. Regards, ATTA On Mon, Apr 23, 2012 at 4:07 PM, Chris Stratton <[email protected]> wrote: > On Monday, April 23, 2012 4:39:50 AM UTC-4, atta wrote: >> >> I have just started to work on an idea where I'd want to inject some >> additional cross cutting concerns -- mainly security with some logging -- >> to an existing APK files. >> > > You do realize that anything that uses jni or reflection or even a > constructed intent can make an end-run around your efforts? > > >> Before I start implementing the subset of DEX specification, I was >> wondering if there were any existing tools/libraries that I can take a look >> at for a start. >> > > apktool does some related things > >> -- > You received this message because you are subscribed to the Google Groups > "Android Discuss" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/android-discuss/-/DIUSfvBWXVkJ. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/android-discuss?hl=en. > -- You received this message because you are subscribed to the Google Groups "Android Discuss" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-discuss?hl=en.
