thank you for this suggestion
A put the following line in the manifest of my content provider addon
(MYPERMISSION is replaced by the correct value):
<permission android:name="MYPERMISSION"
android:protectionLevel="signature"/>
And I didn't put <uses-permission> tag for this permission in the
main app of mine but it
could use the provider. Is it ok or not? Need I to declare this
permission as required?
On Feb 27, 6:19 pm, Dianne Hackborn <hack...@android.com> wrote:
> There is *no* need to use a shared used ID. Signature-based permissions do
> this, in a much more clean way.
>
> Also as pointed out, you can't change your app to a shared used ID if it
> doesn't already use one.
>
> And I really discourage people from using shared user IDs; there are lots of
> subtle implications of doing that, which I would prefer just be avoided.
>
>
>
>
>
>
>
>
>
> On Sat, Feb 26, 2011 at 11:51 PM, b_t <bartata...@gmail.com> wrote:
> > Can "Shared ID" be used for this purpose with setting content provider
> > as "not exported"?
> > Then only my app could use this addon, am I right?
>
> > If my app (which contains appwidgets) didn't have a shared id before
> > and I set this in the next update will it
> > work without any problem? Appwidgets uses this id or not? They are
> > running in the name of this user?
>
> > On febr. 26, 22:12, Dianne Hackborn <hack...@android.com> wrote:
> > > Yes a help application works well. Just be sure that if you do such a
> > thing
> > > it is in a secure way -- for example if this is structured as a Service
> > that
> > > your main application binds to in order to have it do stuff with SMS
> > > messages, declare a signature permission in the help that restricts
> > access
> > > to it, and use it in your main app. This way other applications can't
> > get
> > > the permission and can't find to your service and abuse you as a security
> > > hole (in which case your helper app will get the blame, since it is the
> > one
> > > accessing the SMS data).
>
> > > On Sat, Feb 26, 2011 at 12:32 PM, Kostya Vasilyev <kmans...@gmail.com
> > >wrote:
>
> > > > I do have a suggestion for you - you could implement additional
> > > > functionality as an add-on, a companion application.
>
> > > > Android has features that make it pretty easy to implement (shared user
> > > > ids, intents, services, being able to query installed packages and
> > intent
> > > > resolution). Some applications that are available in Market already do
> > this
> > > > (e.g. Smart Keyboard, ES File Explorer, those are just the ones I use,
> > there
> > > > are certainly many more).
>
> > > > 26.02.2011 22:18, b_t пишет:
>
> > > > There are users who don't read the app description nor the comments.
> > > >> They don't write an email to ask just write a bad comment.
>
> > > > Yes, users are a pain - they are ignorant, paranoid, moronic,
> > inarticulate.
> > > > The world would a better place without them :) </irony>
>
> > > > So explaining it doesn't help because they don't read.
> > > >> I always try to answer comments but the next comments keep asking
> > > >> the same questions.
>
> > > > True.
>
> > > > But I also find that sometimes there are things you can do to address
> > > > certain often asked questions or misunderstood functionality - like
> > adding a
> > > > help button, or tweaking how the information is presented, so it's more
> > > > obvious.
>
> > > > So I'm not satisfied with this permission model, what about you?
>
> > > > Well, my two current application are so simple, it's not even funny.
> > The
> > > > permissions they request are obvious, so my experience doesn't really
> > apply
> > > > here.
>
> > > > --
> > > > Kostya Vasilyev --http://kmansoft.wordpress.com
>
> > > > --
> > > > You received this message because you are subscribed to the Google
> > > > Groups "Android Developers" group.
> > > > To post to this group, send email to
> > android-developers@googlegroups.com
> > > > To unsubscribe from this group, send email to
> > > > android-developers+unsubscribe@googlegroups.com
> > > > For more options, visit this group at
> > > >http://groups.google.com/group/android-developers?hl=en
>
> > > --
> > > Dianne Hackborn
> > > Android framework engineer
> > > hack...@android.com
>
> > > Note: please don't send private questions to me, as I don't have time to
> > > provide private support, and so won't reply to such e-mails. All such
> > > questions should be posted on public forums, where I and others can see
> > and
> > > answer them.
>
> > --
> > You received this message because you are subscribed to the Google
> > Groups "Android Developers" group.
> > To post to this group, send email to android-developers@googlegroups.com
> > To unsubscribe from this group, send email to
> > android-developers+unsubscribe@googlegroups.com
> > For more options, visit this group at
> >http://groups.google.com/group/android-developers?hl=en
>
> --
> Dianne Hackborn
> Android framework engineer
> hack...@android.com
>
> Note: please don't send private questions to me, as I don't have time to
> provide private support, and so won't reply to such e-mails. All such
> questions should be posted on public forums, where I and others can see and
> answer them.
--
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en
No comments:
Post a Comment