On Wed, Mar 9, 2011 at 10:34 PM, Anurag <[email protected]> wrote: > 1. Android has two installers: a) The default installer, which > performs the digital security check and allows applications to get > installed only from Android Marketplace and b) The Side-loading > installer, that does not perform a digital security check and allows > any application to get installed. >
The "default installer" is not default, it is not even part of the Android platform. > 3. This would disable Android's default application installer (1.a), > as only one of the installer is enabled at a time. Code-wise, the code > in Android that corresponds to the default installer > (PackageManagerService ?) is now no longer executed. > There is no such ting as an "application installer" or a "default application installer," let alone that only one may be active at a time. > > 4. Now, when any application is installed, the code corresponding to > the Side-loading installer that gets executed is > "PackageInstallerActivity.java", which is located in the folder > "\mydroid\packages\apps\PackageInstaller\src\com\android > \packageinstaller"? > No, PackageInstallerActivity is *only* for side-loading. > 5. "PackageInstallerActivity.java" would need to be updated to add the > customized digital certificate check functionality? > Yes if you want to check certs when side-loading apps. -- Dianne Hackborn Android framework engineer [email protected] Note: please don't send private questions to me, as I don't have time to provide private support, and so won't reply to such e-mails. All such questions should be posted on public forums, where I and others can see and answer them. -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
