Android——permission之android:protectionLevel

yelinsen05

浏览: 499714 次
性别:
来自: 杭州

最近访客更多访客>>

daojin

su1216

nuannuandetaiyang

kincieng

博主相关

博客

微博

相册

留言

关于我

文章分类

社区版块

存档分类

Android Java OS Eclipse Access

permission 又一个头疼的问题研究了一整天哦！
首先protectionLevel分为四级：
"normal"
The default value. A lower-risk permission that gives requesting applications access to isolated application-level features, with minimal risk to other applications, the system, or the user. The system automatically grants this type of permission to a requesting application at installation, without asking for the user's explicit approval (though the user always has the option to review these permissions before installing).

"dangerous"
A higher-risk permission that would give a requesting application access to private user data or control over the device that can negatively impact the user. Because this type of permission introduces potential risk, the system may not automatically grant it to the requesting application. For example, any dangerous permissions requested by an application may be displayed to the user and require confirmation before proceeding, or some other approach may be taken to avoid the user automatically allowing the use of such facilities.

"signature"
A permission that the system grants only if the requesting application is signed with the same certificate as the application that declared the permission. If the certificates match, the system automatically grants the permission without notifying the user or asking for the user's explicit approval.

"signatureOrSystem"
A permission that the system grants only to applications that are in the Android system image or that are signed with the same certificates as those in the system image. Please avoid using this option, as the signature protection level should be sufficient for most needs and works regardless of exactly where applications are installed. The "signatureOrSystem" permission is used for certain special situations where multiple vendors have applications built into a system image and need to share specific features explicitly because they are being built together.

前面几个很好理解
现在重点记忆下最后一个signatureOrSystem 顾名思义就是在拥有权限的同时还必须满足signature一致或System级别APK才拥有！
现在做了如下尝试

Test Result:

TestCustomPermission是我自定义了一个Activity的访问权限的APK

TestPermission 去访问TestCustomPermission的Activity

EclipseSignature 中两个都用eclipse的签名

OtherSignature 中两个都用相同的另一种签名

DifferentSignature 中两个签名不想同

以下是测试结果：

APP级别

权限设置为signatureOrSystem

1. EclipseSignature 成功访问！可以加入权限！

2. OtherSignature 成功访问！可以加入权限！

3. DifferentSignature 访问失败！

04-01 11:03:31.453: WARN/ActivityManager(58): Activity destroy timeout for HistoryRecord{43f38bb0 com.test.testpermission/.TestPermission}
04-01 11:03:55.285: INFO/ActivityManager(58): Starting activity: Intent { act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] flg=0x10200000 cmp=com.test.testpermission/.TestPermission }
04-01 11:03:55.365: INFO/ActivityManager(58): Start proc com.test.testpermission for activity com.test.testpermission/.TestPermission: pid=1273 uid=10037 gids={1015}
04-01 11:03:55.876: WARN/Resources(1273): Converting to string: TypedValue{t=0x12/d=0x0 a=2 r=0x7f050000}
04-01 11:03:56.026: INFO/ActivityManager(58): Displayed activity com.test.testpermission/.TestPermission: 672 ms (total 672 ms)
04-01 11:03:57.305: INFO/ActivityManager(58): Starting activity: Intent { cmp=com.test.testcustompermission/.TestCustomPermission }
04-01 11:03:57.305: WARN/ActivityManager(58): Permission Denial: starting Intent { cmp=com.test.testcustompermission/.TestCustomPermission } from ProcessRecord{43f9de88 1273:com.test.testpermission/10037} (pid=1273, uid=10037) requires com.test.TESTCUSTOMPERMISSION
04-01 11:03:57.305: DEBUG/AndroidRuntime(1273): Shutting down VM
04-01 11:03:57.315: WARN/dalvikvm(1273): threadid=1: thread exiting with uncaught exception (group=0x4001d800)
04-01 11:03:57.325: ERROR/AndroidRuntime(1273): FATAL EXCEPTION: main
04-01 11:03:57.325: ERROR/AndroidRuntime(1273): java.lang.SecurityException: Permission Denial: starting Intent { cmp=com.test.testcustompermission/.TestCustomPermission } from ProcessRecord{43f9de88 1273:com.test.testpermission/10037} (pid=1273, uid=10037) requires com.test.TESTCUSTOMPERMISSION
04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at android.os.Parcel.readException(Parcel.java:1247)
04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at android.os.Parcel.readException(Parcel.java:1235)
04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at android.app.ActivityManagerProxy.startActivity(ActivityManagerNative.java:1298)
04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at android.app.Instrumentation.execStartActivity(Instrumentation.java:1373)
04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at android.app.Activity.startActivityForResult(Activity.java:2817)
04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at android.app.Activity.startActivity(Activity.java:2923)
04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at com.test.testpermission.TestPermission.onClick(TestPermission.java:27)
04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at android.view.View.performClick(View.java:2408)
04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at android.view.View$PerformClick.run(View.java:8816)
04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at android.os.Handler.handleCallback(Handler.java:587)
04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at android.os.Handler.dispatchMessage(Handler.java:92)
04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at android.os.Looper.loop(Looper.java:123)
04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at android.app.ActivityThread.main(ActivityThread.java:4627)
04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at java.lang.reflect.Method.invokeNative(Native Method)
04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at java.lang.reflect.Method.invoke(Method.java:521)
04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:868)
04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:626)
04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at dalvik.system.NativeStart.main(Native Method)
04-01 11:03:57.335: WARN/ActivityManager(58):   Force finishing activity com.test.testpermission/.TestPermission
04-01 11:03:57.836: WARN/ActivityManager(58): Activity pause timeout for HistoryRecord{43fa0440 com.test.testpermission/.TestPermission}
04-01 11:03:58.856: INFO/Process(1273): Sending signal. PID: 1273 SIG: 9
04-01 11:03:58.876: INFO/ActivityManager(58): Process com.test.testpermission (pid 1273) has died.
04-01 11:03:58.876: INFO/WindowManager(58): WIN DEATH: Window{4405d010 com.test.testpermission/com.test.testpermission.TestPermission paused=false}
04-01 11:03:58.916: WARN/InputManagerService(58): Got RemoteException sending setActive(false) notification to pid 1273 uid 10037
04-01 11:04:08.169: WARN/ActivityManager(58): Activity destroy timeout for HistoryRecord{43fa0440 com.test.testpermission/.TestPermission}

权限设置为normal

1. DifferentSignature 成功访问！可以加入权限！

System 级别

权限设置为signatureOrSystem

1. EclipseSignature 成功访问！可以加入权限！

2. OtherSignature 成功访问！可以加入权限！

3. DifferentSignature 成功访问！可以加入权限！

TestCustomPermission再 system TestPermission 在APP

1.DifferentSignature 失败

2.签名相同成功！

最后一个实验

在TestCustomPermission中注册 signatureOrSystem！APP层访问在framework API中验证！

分享到：

Ubuntu的翻译工具——星际译王StarDict | Android 异常收集哦

2011-04-01 21:31
浏览 14622
评论(0)
分类:移动开发
查看更多

发表评论

您还没有登录,请您登录后再发表评论

最近访客更多访客>>

博主相关

文章分类

社区版块

存档分类

最新评论