Yes it is the second one of course. On Fri, Oct 23, 2009 at 2:56 AM, nguyenvuthiennga < nguyenvuthien...@gmail.com> wrote:
> > Hi all, > > All documents say that permissions in Android are granted at the > installation time. However, I wonder how they are actually checked at > run time. In my mind, there are 2 possibilities: > > - First, when an application is installed, all permissions specified > in Manifest.xml are parsed and check if they are granted or not. In > case, all are granted, the source code is also parsed to check if > every component/system access is legal (i. e. it belongs to one of > granted permissions). When all accesses are passed, the application is > installed successfully. Later, the application can be run without > caring about permissions, i. e. no check is performed. > > - Second, at installation time, requested permissions are parsed and > check if they are granted or not. After passing this phase, the > application is successfully installed. During the run-time, whenever > the application requests to access other components/system, this > action is checked against granted permissions (at installation time). > > I think the first one is not a good idea. I think it is so awkward and > it's impossible to parse all source code, assuming the code is > compiled into byte code. > > So, it should be the second one. Am I correct? Or is there any other > way? > > Thanks in advance, > > Nga > -- Dianne Hackborn Android framework engineer hack...@android.com Note: please don't send private questions to me, as I don't have time to provide private support, and so won't reply to such e-mails. All such questions should be posted on public forums, where I and others can see and answer them.
