Hi, All of Android's security is implemented through the underlying Linux processes, not through the Dalvik VM, so native code is fundamentally no less or more restricted than Java code. Thus, correct, native applications have no more OS-wide file access than do Java applications (in fact on current production phones users don't have OS-wide file access either), they need to explicitly request permissions such as INTERNET for dangerous operations they may perform, etc. This is a feature. :)
On Tue, Jun 30, 2009 at 8:52 AM, Anders Rundgren <[email protected]>wrote: > Disclaimer: I have not downloaded the Android NDK but have fairly good > insight in operating system security. > There was a lengthy discussion on LinkedIn's Android Group about the > virtues of the NDK, were I claimed it is crippled compared to native-mode > code in Symbian. > > Is it correct that there is no third-party validation for NDK extensions? > > If so, it should mean that the NDK code must run under the same constraints > as the invoking (java) application. > > In Symbian an application can (for example) have OS-wide file access > because: > - it was scrutinized by a trusted third part > - it is signed by a specific Symbian authority certificate > > Comments? > > Anders > -- Dianne Hackborn Android framework engineer [email protected] Note: please don't send private questions to me, as I don't have time to provide private support, and so won't reply to such e-mails. All such questions should be posted on public forums, where I and others can see and answer them.
