On Wed, Jan 5, 2011 at 1:59 AM, Jeff Enderwick <[email protected]>wrote:
> Or "yes"? For an application that is concerned about this, is there any way > for such an app to disallow 3rd party IMEs? Sorry, not currently. > Counting on the user to read the permissions, then synthesize and analyze > all possible threat models during the course of an app install is > unrealistic. Counting on that user behavior in the context of an app where > an employer cares about data security is a non-starter. > Like I said, in the case of installing an IME you shouldn't be thinking about permissions at all. That is the whole point of the dialog when you enable an IME. An IME is intrinsically dangerous. You must trust it. End of story. -- Dianne Hackborn Android framework engineer [email protected] Note: please don't send private questions to me, as I don't have time to provide private support, and so won't reply to such e-mails. All such questions should be posted on public forums, where I and others can see and answer them. -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
