[android-developers] Re: Android and Java Security Running Together

2009-03-19 Thread Aubrey-Derrick Schmidt 

Hi,

do you have any official publications on this. This sounds very
interesting. Good look in progressing.

BR,
Aubrey

Daniel Janev wrote:
   Hi Guys,

 I've just succeeded in changing the security model of the dalvik VM! So
 I've run an OSGi implementation on the android platform with security.
 Of course it does not work without some hacks for file access and so
 on. But mainly the java security model works good enough. If anyone is
 interested in this I can share with you what have to be done.

 P.S. So, it seems that I was the first in the world to run it :)

   

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google
Groups Android Developers group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers-unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en
-~--~~~~--~~--~--~---

[android-developers] Re: Android and Java Security Running Together

2009-02-06 Thread NguyenVinh 

Hi Daniel,

Your post is a good news for me.

Actually, the dex jar files that were signed is so strange for me.

Currently, when DexFile wants to load a class of them (i.e. the dex
jar file), they define this class with a null ProtectionDomain
parameter. A way to fulfill the security for the dex jar file is
change this parameter to a valid ProtectionDomain object. However, I
can not really create a that object because the CodeSource object was
impossible to created by the JarVerifier is not successful. More
clearly in source code as here:
...
JarFile jf = new JarFile(path, true);
JarEntry je = jf.getJarEntry(classes.dex);
CodeSource cs = new CodeSource(url, je.getCertificates()); //--- at
this line, je.getCertificates() return null, so the creation failed.
...

For normal jar file (i.e they have class files, not dex file), the
creation is OK.

Could you explain why it fails to get certificates?

Thank you so much.

On Feb 5, 2:44 am, Daniel Janev d.ja...@prosyst.com wrote:
         Hi Guys,

 I've just succeeded in changing thesecuritymodel of the dalvik VM! So
 I've run an OSGi implementation on the android platform withsecurity.
 Of course it does not work without some hacks for file access and so
 on. But mainly thejavasecuritymodel works good enough. If anyone is
 interested in this I can share with you what have to be done.

 P.S. So, it seems that I was the first in the world to run it :)

 --

 Best Regards,
     Daniel
 ---
 Daniel Janev · Department Manager/Core Platform and Smart Home
 ProSyst Software GmbH
 1606 Sofia, Bulgaria · Vladajska Str. 48
 Tel. +359 (0)2 952 35 81/109 · Fax +359 (0)2 953 26 17
 Mobile Phone +359 (0)888 678 670http://www.prosyst.com· d.ja...@prosyst.com
 ---
 stay in touch with your product.
 ---

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google
Groups Android Developers group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers-unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en
-~--~~~~--~~--~--~---