9
MODE_WORLD_WRITEABLE ( /reference/android/content /Context.html#MODE_WORLD_WRITEABLE ) MODE_WORLD_READABLE ( /reference/android/content /Context.html#MODE_WORLD_READABLE ) KeyStore ( /reference /java/security/KeyStore.html ) Security Tips | Android Developers 6/2/2014 9:21 PM http://developer.android.com/training/articles/security-tips.html 1 of 9

Security Tips for Android Developers

Embed Size (px)

DESCRIPTION

Security Tips for Android Developers

Citation preview

Page 1: Security Tips for Android Developers

MODE_WORLD_WRITEABLE (/reference/android/content

/Context.html#MODE_WORLD_WRITEABLE) MODE_WORLD_READABLE (/reference/android/content

/Context.html#MODE_WORLD_READABLE)

KeyStore (/reference

/java/security/KeyStore.html)

Security Tips | Android Developers 6/2/2014 9:21 PM

http://developer.android.com/training/articles/security-tips.html 1 of 9

Page 2: Security Tips for Android Developers

ContentProvider (/reference/android/content

/ContentProvider.html) android:exported=false (/guide/topics/manifest/provider-

element.html#exported) android:exported (/guide/topics

/manifest/provider-element.html#exported) "true"

ContentProvider (/reference/android/content/ContentProvider.html)

android:protectionLevel "signature"

android:grantUriPermissions

FLAG_GRANT_READ_URI_PERMISSION (/reference/android/content

/Intent.html#FLAG_GRANT_READ_URI_PERMISSION) FLAG_GRANT_WRITE_URI_PERMISSION (/reference

/android/content/Intent.html#FLAG_GRANT_WRITE_URI_PERMISSION) Intent (/reference/android

/content/Intent.html)

<grant-uri-permission element> (/guide/topics/manifest/grant-uri-permission-

element.html)

query() (/reference/android

/content/ContentProvider.html#query(android.net.Uri, java.lang.String[], java.lang.String,

java.lang.String[], java.lang.String)) update() (/reference/android/content

/ContentProvider.html#update(android.net.Uri, android.content.ContentValues, java.lang.String,

java.lang.String[])) delete() (/reference/android/content

/ContentProvider.html#delete(android.net.Uri, java.lang.String, java.lang.String[]))

selection

WHERE

Security Tips | Android Developers 6/2/2014 9:21 PM

http://developer.android.com/training/articles/security-tips.html 2 of 9

Page 3: Security Tips for Android Developers

<permissions>

ContentProvider (/reference/android/content/ContentProvider.html)

HttpsURLConnection

(/reference/javax/net/ssl/HttpsURLConnection.html)

Security Tips | Android Developers 6/2/2014 9:21 PM

http://developer.android.com/training/articles/security-tips.html 3 of 9

Page 4: Security Tips for Android Developers

SSLSocket

(/reference/javax/net/ssl/SSLSocket.html)

Service (/reference/android/app/Service.html)

WebView (/reference/android/webkit

/WebView.html)

READ_SMS (/reference/android/Manifest.permission.html#READ_SMS)

Security Tips | Android Developers 6/2/2014 9:21 PM

http://developer.android.com/training/articles/security-tips.html 4 of 9

Page 5: Security Tips for Android Developers

READ_LOGS (/reference/android/Manifest.permission.html#READ_LOGS)

WebView (/reference/android/webkit/WebView.html)

WebView (/reference/android/webkit

/WebView.html)

WebView (/reference/android/webkit

/WebView.html) setJavaScriptEnabled() (/reference/android/webkit

/WebSettings.html#setJavaScriptEnabled(boolean))

WebView

(/reference/android/webkit/WebView.html)

addJavaScriptInterface() (/reference/android/webkit

/WebView.html#addJavascriptInterface(java.lang.Object, java.lang.String))

addJavaScriptInterface() (/reference/android/webkit

/WebView.html#addJavascriptInterface(java.lang.Object, java.lang.String))

addJavaScriptInterface() (/reference/android

/webkit/WebView.html#addJavascriptInterface(java.lang.Object, java.lang.String))

WebView (/reference/android/webkit/WebView.html)

clearCache() (/reference/android/webkit/WebView.html#clearCache(boolean))

no-cache

Security Tips | Android Developers 6/2/2014 9:21 PM

http://developer.android.com/training/articles/security-tips.html 5 of 9

Page 6: Security Tips for Android Developers

AccountManager

(/reference/android/accounts/AccountManager.html) AccountManager (/reference

/android/accounts/AccountManager.html)

AccountManager (/reference/android/accounts/AccountManager.html) Account

(/reference/android/accounts/Account.html) CREATOR (/reference/android/accounts/Account.html#CREATOR)

AccountManager (/reference/android/accounts/AccountManager.html)

checkSignature() (/reference/android/content/pm/PackageManager.html#checkSignatures(int, int))

KeyStore (/reference

/java/security/KeyStore.html)

HttpsURLConnection

(/reference/javax/net/ssl/HttpsURLConnection.html) SSLSocket (/reference/javax/net/ssl

/SSLSocket.html)

Cipher (/reference/javax/crypto/Cipher.html)

SecureRandom (/reference/java/security/SecureRandom.html)

KeyGenerator (/reference/javax/crypto/KeyGenerator.html)

KeyStore (/reference/java/security

/KeyStore.html)

Intent

(/reference/android/content/Intent.html) Binder (/reference/android/os/Binder.html) Messenger

(/reference/android/os/Messenger.html) Service (/reference/android/app/Service.html)

BroadcastReceiver (/reference/android/content/BroadcastReceiver.html)

Security Tips | Android Developers 6/2/2014 9:21 PM

http://developer.android.com/training/articles/security-tips.html 6 of 9

Page 7: Security Tips for Android Developers

android:exported "false"

<service>

<permission>

"signature"

android:protectionLevel

sendBroadcast() (/reference/android/content

/Context.html#sendBroadcast(android.content.Intent)) sendOrderedBroadcast() (/reference/android

/content/Context.html#sendOrderedBroadcast(android.content.Intent, java.lang.String))

Service (/reference/android/app/Service.html)

android:exported

android:permission

<uses-

permission> (/guide/topics/manifest/uses-permission-element.html)

checkCallingPermission()

(/reference/android/content/Context.html#checkCallingPermission(java.lang.String))

Binder (/reference/android/os/Binder.html) Messenger (/reference/android/os/Messenger.html)

Binder (/reference/android/os/Binder.html) Messenger (/reference/android

/os/Messenger.html)

Security Tips | Android Developers 6/2/2014 9:21 PM

http://developer.android.com/training/articles/security-tips.html 7 of 9

Page 8: Security Tips for Android Developers

Service (/reference/android/app/Service.html) Activity (/reference/android

/app/Activity.html)

Binder

(/reference/android/os/Binder.html) Messenger (/reference/android/os/Messenger.html)

checkCallingPermission() (/reference

/android/content/Context.html#checkCallingPermission(java.lang.String))

Service

(/reference/android/app/Service.html) bindService() (/reference/android/content

/Context.html#bindService(android.content.Intent, android.content.ServiceConnection, int))

clearCallingIdentity() (/reference/android

/os/Binder.html#clearCallingIdentity())

BroadcastReceiver (/reference/android/content/BroadcastReceiver.html)

Intent (/reference/android/content/Intent.html)

BroadcastReceiver

(/reference/android/content/BroadcastReceiver.html)

<receiver> (/guide/topics/manifest/receiver-

element.html)

BroadcastReceiver (/reference/android/content

/BroadcastReceiver.html)

DexClassLoader

(/reference/dalvik/system/DexClassLoader.html)

Security Tips | Android Developers 6/2/2014 9:21 PM

http://developer.android.com/training/articles/security-tips.html 8 of 9

Page 9: Security Tips for Android Developers

Security Tips | Android Developers 6/2/2014 9:21 PM

http://developer.android.com/training/articles/security-tips.html 9 of 9


Android Studio Overview _ Android Developers

Android Studio Overview _ Android Developers

Documents
Android development | Android developers

Android development | Android developers

Documents
Android for Embedded Linux Developers

Android for Embedded Linux Developers

Technology
iOS Development For Android Developers

iOS Development For Android Developers

Software
Android Market for Developers - Android Developer Lab Q3 2011

Android Market for Developers - Android Developer Lab Q3 2011

Technology
Android the Developers Guide

Android the Developers Guide

Documents
ANDROID LIFECYCLE FOR APPLICATION DEVELOPERS …developer.download.nvidia.com/.../docs/android_lifecycle_app_note.pdf · Android Lifecycle for application developers: Guidelines and

ANDROID LIFECYCLE FOR APPLICATION DEVELOPERS …developer.download.nvidia.com/.../docs/android_lifecycle_app_note.pdf · Android Lifecycle for application developers: Guidelines and

Documents
Android For Java Developers

Android For Java Developers

Technology
Design guidelines for android developers

Design guidelines for android developers

Technology
Android&for&Java Developers OSCON2010 - O'Reilly Mediaassets.en.oreilly.com/1/event/45/Android for Java Developers... · Android&for&Java Developers OSCON2010. ... Trained over 1,000

Android&for&Java Developers OSCON2010 - O'Reilly Mediaassets.en.oreilly.com/1/event/45/Android for Java Developers... · Android&for&Java Developers OSCON2010. ... Trained over 1,000

Documents
Power Optimization for Android developers

Power Optimization for Android developers

Technology
Android Java Developers a 7

Android Java Developers a 7

Documents
Wp7 guide for android developers

Wp7 guide for android developers

Technology
Android app developers pune

Android app developers pune

Software
ANDROID LIFECYCLE FOR APPLICATION DEVELOPERS: …

ANDROID LIFECYCLE FOR APPLICATION DEVELOPERS: …

Documents
Workshop Android for Java Developers

Workshop Android for Java Developers

Education
Productive Android developers (Meetup slides)

Productive Android developers (Meetup slides)

Technology
Sensors Overview _ Android Developers

Sensors Overview _ Android Developers

Documents
Supporting Multiple Screens | Android Developers

Supporting Multiple Screens | Android Developers

Documents
Android Developers Challenge

Android Developers Challenge

Documents
TextView _ Android Developers

TextView _ Android Developers

Documents
Android 4.0 Platform _ Android Developers

Android 4.0 Platform _ Android Developers

Documents
Dallas Android Developers Feb

Dallas Android Developers Feb

Documents
Loaders _ Android Developers

Loaders _ Android Developers

Documents
Android lollipop for developers

Android lollipop for developers

Software
Hire Android Developers

Hire Android Developers

Technology
Android Market for Developers

Android Market for Developers

Documents
Git for Android Developers

Git for Android Developers

Technology
Kotlin for Android Developers (Preview) - Antonio Leivaantonioleiva.com/.../2015/08/kotlin-for-android-developers-preview.pdf · Gradle, Java programming and Android SDK. You may

Kotlin for Android Developers (Preview) - Antonio Leivaantonioleiva.com/.../2015/08/kotlin-for-android-developers-preview.pdf · Gradle, Java programming and Android SDK. You may

Documents
10 Tools for Android Developers

10 Tools for Android Developers

Technology