Friday, March 4, 2011

Re: [android-developers] Re: Verify Service is real and not a spoof one.

You can have some kind of challenge / response function in the service's
interface.

Now, if the service is local ("android:exported=false") then it won't be
available to other applications, so this whole issue doesn't apply -
unless someone decompiles and rebuilds your application. But in that
case, they could disable any validation code in your service and activity.

So keep this scenario in mind - either keep it really simple and just
rely on a local service, or implement measures against code changes, like
obfuscation and signature checking.

-- Kostya

04.03.2011 4:17, dnkoutso wrote:
> As an added note, I know I can verify from the Service if the
> application that is trying to bind is a valid one, I am actually
> asking the opposite, how can the application ensure it is bound to the
> real service? Perhaps, something with permissions?
> --
> You received this message because you are subscribed to the Google
> Groups "Android Developers" group.
> To post to this group, send email to android-developers@googlegroups.com
> To unsubscribe from this group, send email to
> android-developers+unsubscribe@googlegroups.com
> For more options, visit this group at
> http://groups.google.com/group/android-developers?hl=en


--
Kostya Vasilyev -- http://kmansoft.wordpress.com
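
One way the challenge / response suggested in the reply could look, as an added example that is not part of the original message or of any Android API. It is plain Java, and the names `VerifiableService`, `RealService`, `SpoofService` and `isGenuine` are hypothetical. It assumes the genuine service holds an RSA private key and the client ships only the matching public key; on Android, `respond` would be a method of the service's bound interface.

```java
import java.security.*;

public class ChallengeResponseDemo {
    // Hypothetical interface the client sees after binding.
    interface VerifiableService {
        byte[] respond(byte[] challenge) throws GeneralSecurityException;
    }

    // Genuine service: proves possession of the private key by signing the nonce.
    static class RealService implements VerifiableService {
        private final PrivateKey key;
        RealService(PrivateKey key) { this.key = key; }
        public byte[] respond(byte[] challenge) throws GeneralSecurityException {
            Signature s = Signature.getInstance("SHA256withRSA");
            s.initSign(key);
            s.update(challenge);
            return s.sign();
        }
    }

    // Stand-in for a spoofed service: it has no key, so it cannot sign.
    static class SpoofService implements VerifiableService {
        public byte[] respond(byte[] challenge) { return new byte[256]; }
    }

    // Client side: a fresh random nonce per bind defeats replayed responses.
    static boolean isGenuine(VerifiableService svc, PublicKey expected) {
        byte[] nonce = new byte[32];
        new SecureRandom().nextBytes(nonce);
        try {
            byte[] sig = svc.respond(nonce);
            Signature v = Signature.getInstance("SHA256withRSA");
            v.initVerify(expected);
            v.update(nonce);
            return sig != null && v.verify(sig);
        } catch (GeneralSecurityException e) {
            return false; // malformed response: treat as not genuine
        }
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
        g.initialize(2048);
        KeyPair kp = g.generateKeyPair(); // constructed key pair for the demo
        System.out.println("real:  " + isGenuine(new RealService(kp.getPrivate()), kp.getPublic()));
        System.out.println("spoof: " + isGenuine(new SpoofService(), kp.getPublic()));
    }
}
```

The check is only as strong as the secrecy of the service's private key, so the decompile-and-rebuild scenario described in the reply still applies to it.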
