为什么我们能够重新定义任何Android应用程序中的系统/框架级别?
我试图在框架/base/core/res/androidmanifest.xml中定义签名级别的权限,因为已经有了已经定义的很多许可。我想到了是否会在这里定义它,以便任何其他应用都无法在其应用程序中重新定义同样的许可。即使我也能够重新定义“ android.permission.send_sms”,甚至我也可以更改protectionLevel。
但是我注意到我可以在第三方Android应用程序中重新定义任何系统许可。为什么这么开心?
我知道,如果我可以重新定义该第三方应用程序签名的许可,则未授予该第三方应用程序。
另外,我知道,如果我在任何应用程序中定义了权限,而不是在框架方面,我将无法在任何第三方应用程序中重新定义相同的权限。
因为它不会被视为框架级别的许可。因此,如果用户试图安装一个定义相同< plt;元素的应用程序,以及其他一些已经安装的应用程序,并且两个应用程序未通过同一签名键签名,则第二个应用程序签名App的安装失败,install_failed_duplate_permission错误。
Installation did not succeed.
The application could not be installed: INSTALL_FAILED_DUPLICATE_PERMISSION
List of apks:
[0] 'E:\AndroidProjects\testing\app\build\outputs\apk\debug\app-debug.apk'
Installation failed due to: 'Failed to commit install session 128835007 with command cmd package install-commit 128835007. Error: INSTALL_FAILED_DUPLICATE_PERMISSION: Package com.example.permcheck attempting to redeclare permission com.my.prm.external.lib.permission.SDK_API_ACCESS already owned by com.example.app.testapp'
我认为场景背后 this 代码 进行许可检查。
为什么Android在框架中已经定义了Android?在任何已安装的软件包中已经定义了Android System Devps在这种情况下丢弃错误的情况下,它的意图是什么?
I am trying to define a signature level permission in framework/base/core/res/AndroidManifest.xml as there is already so much permission that is already defined. I thought of if I will define it here so that any other app can't redefine that same permission in their apps. Even I am able to redefine "android.permission.SEND_SMS" or even I can change the protectionLevel also.
But I noticed that I can redefine any system permission in my 3rd party android app. Why it's happing so?
I got to know though I can redefine the permission it's not granted for that 3rd party app if its protection level is signature.
Also, I got to know that if I define permission in any App, not on the framework side, I can't redefine the same permission in any 3rd party app.
Because it will not be treated as a framework level permission. So that if a user tries to install an app that defines the same <permission> element as does some other already-installed app, and the two apps are not signed by the same signing key, the second app's installation fails with an INSTALL_FAILED_DUPLICATE_PERMISSION error.
Installation did not succeed.
The application could not be installed: INSTALL_FAILED_DUPLICATE_PERMISSION
List of apks:
[0] 'E:\AndroidProjects\testing\app\build\outputs\apk\debug\app-debug.apk'
Installation failed due to: 'Failed to commit install session 128835007 with command cmd package install-commit 128835007. Error: INSTALL_FAILED_DUPLICATE_PERMISSION: Package com.example.permcheck attempting to redeclare permission com.my.prm.external.lib.permission.SDK_API_ACCESS already owned by com.example.app.testapp'
I think behind the scene this code is running for permission check.
Why android can't just throw an error if it's already defined in the framework? What is the intention of Android system devps to not throw an error in such a case as it throws an error in case of permission is already defined in any installed package?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论