On Wed, Feb 23, 2011 at 12:04 PM, Rahul Potharaju <[email protected]> wrote:
> I understand when you say the receiver should ask "Do I know or care about
> the sender of this Intent?" and "Is the Intent well-formed according to my
> input validation rules?". But I don't quite understand why the receiver
> should ask the question "Did the sender have a given permission?". Isn't
> this the task of the Security Manager (Reference Monitor) that takes care of
> the access control? Or am I missing something here?

Android does not use a Java Security Manager. And that is a Good Thing (even if it freaks everybody out). (Dare I mention that Dalvik does bytecode verification primarily for optimization and not for security? :) )

You might want to check if the caller had a certain Permission as an indication that the user has delegated some authority to a class of apps, and not just a single app by app identity. You could create a new Permission, or use an existing one. If the caller has that Permission, then the user has delegated that power to the calling app.

If your component is a Service or a BroadcastReceiver, you can set this kind of policy declaratively, e.g. the permission attribute of the <service> or <receiver> tag:

http://developer.android.com/guide/topics/manifest/service-element.html

Otherwise, you can also set this kind of policy imperatively:

http://developer.android.com/guide/topics/security/security.html#enforcement
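
Added example, not part of the original message: the declarative form is shown as a manifest comment, and the imperative form gates individual Binder operations with different permissions, which the manifest attribute alone cannot do. The package, class, permission names and transaction codes are hypothetical.

```java
// Added example; package, permission names and transaction codes are hypothetical.
//
// Declarative form (AndroidManifest.xml): the system refuses to bind any
// caller that does not hold the permission named on the <service> tag.
//   <permission android:name="com.example.notes.permission.READ_NOTES"
//               android:protectionLevel="dangerous" />
//   <service android:name=".NotesService" android:exported="true"
//            android:permission="com.example.notes.permission.READ_NOTES" />
package com.example.notes;

import android.app.Service;
import android.content.Intent;
import android.content.pm.PackageManager;
import android.os.Binder;
import android.os.IBinder;
import android.os.Parcel;
import android.os.RemoteException;

public class NotesService extends Service {
    static final String READ_NOTES = "com.example.notes.permission.READ_NOTES";
    static final String WIPE_NOTES = "com.example.notes.permission.WIPE_NOTES";
    static final int TX_READ = IBinder.FIRST_CALL_TRANSACTION;
    static final int TX_WIPE = IBinder.FIRST_CALL_TRANSACTION + 1;

    private final Binder binder = new Binder() {
        @Override
        protected boolean onTransact(int code, Parcel data, Parcel reply, int flags)
                throws RemoteException {
            // For a remote call this runs on a binder thread, so the "calling"
            // identity checked below is the client app, not this process.
            switch (code) {
                case TX_READ:
                    // Throws SecurityException if the caller lacks READ_NOTES.
                    enforceCallingPermission(READ_NOTES, "READ_NOTES required");
                    reply.writeNoException();
                    reply.writeString("constructed sample note");
                    return true;
                case TX_WIPE:
                    // Same check written out by hand, with a stricter permission.
                    if (checkCallingPermission(WIPE_NOTES)
                            != PackageManager.PERMISSION_GRANTED) {
                        throw new SecurityException("WIPE_NOTES required");
                    }
                    reply.writeNoException();
                    return true;
                default:
                    return super.onTransact(code, data, reply, flags);
            }
        }
    };

    @Override
    public IBinder onBind(Intent intent) { return binder; }
}
```

The checks sit in `onTransact` rather than `onBind` because `checkCallingPermission` only reflects the client while an IPC from that client is being processed; outside an IPC it always fails.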
