On Mon, Apr 20, 2009 at 11:17 AM, VK <[email protected]> wrote:
> I was inquiring about the "signatureOrSystem" protection level. Thanks > for pointing me towards the XML file in the frameworks. > > But I am still curious about how an android application developed by > Google (Phone apps etc.) or a 3rd party could declare such a > permission since the system is not expected to be aware of the > application. Looks like you already mentioned something to this effect > in your previous reply. Well yes, it probably isn't all that useful for applications. Certainly, if your app is never going to be bundled on the system image of a device, I can't see why you would want to use it. > My assumption here is that this protection level is meant to support > framework components, core services developed by the OEM which are not > expected to be signed by the same certificate as the one used to sign > the base android framework but would still be part of the system > image. > Is this right? Yes, it is basically a back-door for certain cases where you want to do something special in the context of a particular system build. Its use is not encouraged. -- Dianne Hackborn Android framework engineer [email protected] Note: please don't send private questions to me, as I don't have time to provide private support, and so won't reply to such e-mails. All such questions should be posted on public forums, where I and others can see and answer them.
