What kind of attack are you trying to prevent? On Jan 13, 2010 1:36 PM, "Yuliy Pisetsky" <[email protected]> wrote:
I'm trying to write an app that will allow plugins (in the form of JARs with a few classes), but I don't want them to be able to interact with other applications on the device except through my own API. Are there any nice ways of preventing code from broadcasting arbitrary intents? If this isn't realistic at runtime, would a static analysis that just searched for anything involving reflection or constructing an Intent be sufficient?
