On Mon, Mar 16, 2009 at 10:29 AM, Guillaume Leterrier < [email protected]> wrote:
> Because the signature protection levels for the framework are defined in > a unique manifest XML file, > > - does it mean that there is no means to have different permissions > protected by different signature keys (but splitting the file and framework > API in groups)? > Signature-based permissions require that the .apk being granted the permission be signed with the same certificate as the one declaring it. You could make new types of permissions that allow other things, but we haven't needed such things so haven't implemented them. > The android framework is stored under the file directory \system\framework\ > > - Is this directory considered as one Android package signed by the current > android system unique key? > This is just a directory. Each .apk has a line in its manifest declaring which certificate it should be signed with, if it doesn't want to use the default. > - For permissions protected by signature or signatureOrSystem, what key is > used for such protection verification? OEM/system key ? > I don't understand the question. This protection level just means "same as signature, but also allow anyone installed in /system to be granted the permission." > - if the OEMs are modifying few framework permission signature rules ( > dangerous => signature... ), how the applications compatibility will be > ensured on the Android platform accross various OEM smartphones ? > You don't do this, because you will break existing applications. This kind of change will be considered a compatibility breakage, and such a device is not considered to be an Android compatible device. -- Dianne Hackborn Android framework engineer [email protected] Note: please don't send private questions to me, as I don't have time to provide private support. All such questions should be posted on public forums, where I and others can see and answer them.
