Safe and Secure

As mentioned earlier, every application runs in its own Linux process. The hardware forbids one process from accessing another process's memory. Furthermore, every application is assigned a specific user ID. Any files it creates cannot be read or written by other applications.

In addition, access to certain critical operations is restricted, and you must specifically ask for permission to use them in a file named AndroidManifest.xml. When the application is installed, the Package Manager either grants or doesn't grant the permissions based on certificates and, if necessary, user prompts. Here are some of the most common permissions you will need:

• INTERNET: Access the Internet.

• READ_CONTACTS: Read (but don't write) the user's contacts data.

• WRITE_CONTACTS: Write (but don't read) the user's contacts data.

• RECEIVE_SMS: Monitor incoming SMS (text) messages.

• ACCESS_COARSE_LOCATION: Use a coarse location provider such as cell towers or wifi.

• ACCESS_FINE_LOCATION: Use a more accurate location provider such as GPS.

For example, to monitor incoming SMS messages, you would specify this in the manifest file:

<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.google.android.app.myapp" >
    <uses-permission android:name="android.permission.RECEIVE_SMS" />
</manifest>

Android can even restrict access to entire parts of the system. Using XML tags in AndroidManifest.xml, you can restrict who can start an activity, start or bind to a service, broadcast intents to a receiver, or access the data in a content provider. This kind of control is beyond the scope of this book, but if you want to learn more, read the online help for the Android security model.7
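To review what a manifest actually requests and which components it leaves open, the following added example (not code from this book) parses a manifest and reports both. The sample manifest is constructed, and its package, component and custom permission names are hypothetical; `android:permission` and `android:exported` are the standard manifest attributes for guarding and exposing a component.

```python
import xml.etree.ElementTree as ET

# Attribute names in the manifest live in the android: XML namespace.
A = "{http://schemas.android.com/apk/res/android}"
COMPONENT_TAGS = ("activity", "service", "receiver", "provider")

# Constructed sample manifest; package, component and custom permission
# names are hypothetical.
SAMPLE_MANIFEST = """\
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.myapp">
    <uses-permission android:name="android.permission.RECEIVE_SMS" />
    <uses-permission android:name="android.permission.INTERNET" />
    <application>
        <activity android:name=".MainActivity" />
        <service android:name=".SyncService"
                 android:permission="com.example.myapp.permission.SYNC" />
        <receiver android:name=".SmsReceiver" android:exported="true" />
    </application>
</manifest>
"""

def requested_permissions(manifest_xml):
    """Return the sorted names from every <uses-permission> element."""
    root = ET.fromstring(manifest_xml)
    names = (e.get(A + "name") for e in root.findall("uses-permission"))
    return sorted(n for n in names if n)

def component_guards(manifest_xml):
    """Map each component name to the permission a caller must hold, or None."""
    app = ET.fromstring(manifest_xml).find("application")
    if app is None:
        return {}
    default = app.get(A + "permission")  # application-wide default, if any
    return {el.get(A + "name"): el.get(A + "permission", default)
            for tag in COMPONENT_TAGS for el in app.findall(tag)}

def unguarded_exported(manifest_xml):
    """List components explicitly exported with no permission guarding them."""
    app = ET.fromstring(manifest_xml).find("application")
    if app is None:
        return []
    guards = component_guards(manifest_xml)
    return sorted(el.get(A + "name")
                  for tag in COMPONENT_TAGS for el in app.findall(tag)
                  if el.get(A + "exported") == "true"
                  and guards[el.get(A + "name")] is None)

if __name__ == "__main__":
    print(requested_permissions(SAMPLE_MANIFEST))
    print(unguarded_exported(SAMPLE_MANIFEST))
```

Only components with an explicit `android:exported="true"` are flagged; components that omit the attribute are not evaluated here.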
