Yes, I can imagine UID based access control like AccountManager. But integrating things in dalvik (or more properly in libcore) is more problematic since it doesn't have dependencies on frameworks/base where such things are traditionally implemented.
-bri On Tue, Aug 9, 2011 at 11:35 AM, Chris Palmer <[email protected]> wrote: > On Aug 9, 2011, at 11:24 AM, Brian Carlstrom wrote: > > > I'm somewhat familiar with Kerberos having ported it across more > traditional OS's in my youth, but have little experience with it in a Java > environment, and have not thought out the general issues that might be > present when each app runs in an independent UID with regard to how ticket > management etc might work. > > I suppose you could have the Kerberos network client app be a Service to > other apps on the Android device, and proxy their requests for tickets. > > The status quo for traditional operating systems, in which all > Kerberos-using clients get different tickets granting different network > privileges yet all run as the same UID and thus can steal from each other, > would be sub-par for Android. The Kerberos client app could enforce a policy > such as "give other clients only the ticket(s) they previously asked for > (and presented credentials for)", thus achieving Android-like privilege > separation. > > I can imagine a need for first-class Kerberos support on Android, but it's > not at the top of my "things Android needs" list. But it's not at the > bottom, either... -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
