Upload
metro-hydra
View
54
Download
3
Embed Size (px)
DESCRIPTION
Security Tips for Android Developers
Citation preview
MODE_WORLD_WRITEABLE (/reference/android/content
/Context.html#MODE_WORLD_WRITEABLE) MODE_WORLD_READABLE (/reference/android/content
/Context.html#MODE_WORLD_READABLE)
KeyStore (/reference
/java/security/KeyStore.html)
Security Tips | Android Developers 6/2/2014 9:21 PM
http://developer.android.com/training/articles/security-tips.html 1 of 9
ContentProvider (/reference/android/content
/ContentProvider.html) android:exported=false (/guide/topics/manifest/provider-
element.html#exported) android:exported (/guide/topics
/manifest/provider-element.html#exported) "true"
ContentProvider (/reference/android/content/ContentProvider.html)
android:protectionLevel "signature"
android:grantUriPermissions
FLAG_GRANT_READ_URI_PERMISSION (/reference/android/content
/Intent.html#FLAG_GRANT_READ_URI_PERMISSION) FLAG_GRANT_WRITE_URI_PERMISSION (/reference
/android/content/Intent.html#FLAG_GRANT_WRITE_URI_PERMISSION) Intent (/reference/android
/content/Intent.html)
<grant-uri-permission element> (/guide/topics/manifest/grant-uri-permission-
element.html)
query() (/reference/android
/content/ContentProvider.html#query(android.net.Uri, java.lang.String[], java.lang.String,
java.lang.String[], java.lang.String)) update() (/reference/android/content
/ContentProvider.html#update(android.net.Uri, android.content.ContentValues, java.lang.String,
java.lang.String[])) delete() (/reference/android/content
/ContentProvider.html#delete(android.net.Uri, java.lang.String, java.lang.String[]))
selection
WHERE
Security Tips | Android Developers 6/2/2014 9:21 PM
http://developer.android.com/training/articles/security-tips.html 2 of 9
<permissions>
ContentProvider (/reference/android/content/ContentProvider.html)
HttpsURLConnection
(/reference/javax/net/ssl/HttpsURLConnection.html)
Security Tips | Android Developers 6/2/2014 9:21 PM
http://developer.android.com/training/articles/security-tips.html 3 of 9
SSLSocket
(/reference/javax/net/ssl/SSLSocket.html)
Service (/reference/android/app/Service.html)
WebView (/reference/android/webkit
/WebView.html)
READ_SMS (/reference/android/Manifest.permission.html#READ_SMS)
Security Tips | Android Developers 6/2/2014 9:21 PM
http://developer.android.com/training/articles/security-tips.html 4 of 9
READ_LOGS (/reference/android/Manifest.permission.html#READ_LOGS)
WebView (/reference/android/webkit/WebView.html)
WebView (/reference/android/webkit
/WebView.html)
WebView (/reference/android/webkit
/WebView.html) setJavaScriptEnabled() (/reference/android/webkit
/WebSettings.html#setJavaScriptEnabled(boolean))
WebView
(/reference/android/webkit/WebView.html)
addJavaScriptInterface() (/reference/android/webkit
/WebView.html#addJavascriptInterface(java.lang.Object, java.lang.String))
addJavaScriptInterface() (/reference/android/webkit
/WebView.html#addJavascriptInterface(java.lang.Object, java.lang.String))
addJavaScriptInterface() (/reference/android
/webkit/WebView.html#addJavascriptInterface(java.lang.Object, java.lang.String))
WebView (/reference/android/webkit/WebView.html)
clearCache() (/reference/android/webkit/WebView.html#clearCache(boolean))
no-cache
Security Tips | Android Developers 6/2/2014 9:21 PM
http://developer.android.com/training/articles/security-tips.html 5 of 9
AccountManager
(/reference/android/accounts/AccountManager.html) AccountManager (/reference
/android/accounts/AccountManager.html)
AccountManager (/reference/android/accounts/AccountManager.html) Account
(/reference/android/accounts/Account.html) CREATOR (/reference/android/accounts/Account.html#CREATOR)
AccountManager (/reference/android/accounts/AccountManager.html)
checkSignature() (/reference/android/content/pm/PackageManager.html#checkSignatures(int, int))
KeyStore (/reference
/java/security/KeyStore.html)
HttpsURLConnection
(/reference/javax/net/ssl/HttpsURLConnection.html) SSLSocket (/reference/javax/net/ssl
/SSLSocket.html)
Cipher (/reference/javax/crypto/Cipher.html)
SecureRandom (/reference/java/security/SecureRandom.html)
KeyGenerator (/reference/javax/crypto/KeyGenerator.html)
KeyStore (/reference/java/security
/KeyStore.html)
Intent
(/reference/android/content/Intent.html) Binder (/reference/android/os/Binder.html) Messenger
(/reference/android/os/Messenger.html) Service (/reference/android/app/Service.html)
BroadcastReceiver (/reference/android/content/BroadcastReceiver.html)
Security Tips | Android Developers 6/2/2014 9:21 PM
http://developer.android.com/training/articles/security-tips.html 6 of 9
android:exported "false"
<service>
<permission>
"signature"
android:protectionLevel
sendBroadcast() (/reference/android/content
/Context.html#sendBroadcast(android.content.Intent)) sendOrderedBroadcast() (/reference/android
/content/Context.html#sendOrderedBroadcast(android.content.Intent, java.lang.String))
Service (/reference/android/app/Service.html)
android:exported
android:permission
<uses-
permission> (/guide/topics/manifest/uses-permission-element.html)
checkCallingPermission()
(/reference/android/content/Context.html#checkCallingPermission(java.lang.String))
Binder (/reference/android/os/Binder.html) Messenger (/reference/android/os/Messenger.html)
Binder (/reference/android/os/Binder.html) Messenger (/reference/android
/os/Messenger.html)
Security Tips | Android Developers 6/2/2014 9:21 PM
http://developer.android.com/training/articles/security-tips.html 7 of 9
Service (/reference/android/app/Service.html) Activity (/reference/android
/app/Activity.html)
Binder
(/reference/android/os/Binder.html) Messenger (/reference/android/os/Messenger.html)
checkCallingPermission() (/reference
/android/content/Context.html#checkCallingPermission(java.lang.String))
Service
(/reference/android/app/Service.html) bindService() (/reference/android/content
/Context.html#bindService(android.content.Intent, android.content.ServiceConnection, int))
clearCallingIdentity() (/reference/android
/os/Binder.html#clearCallingIdentity())
BroadcastReceiver (/reference/android/content/BroadcastReceiver.html)
Intent (/reference/android/content/Intent.html)
BroadcastReceiver
(/reference/android/content/BroadcastReceiver.html)
<receiver> (/guide/topics/manifest/receiver-
element.html)
BroadcastReceiver (/reference/android/content
/BroadcastReceiver.html)
DexClassLoader
(/reference/dalvik/system/DexClassLoader.html)
Security Tips | Android Developers 6/2/2014 9:21 PM
http://developer.android.com/training/articles/security-tips.html 8 of 9