注册 登录  
 加关注
   显示下一条  |  关闭
温馨提示!由于新浪微博认证机制调整,您的新浪微博帐号绑定已过期,请重新绑定!立即重新绑定新浪微博》  |  关闭

北漂的小羊

Java编程,开发者,程序员,软件开发,编程,代码。新浪微博号:IT国子监

 
 
 

日志

 
 
关于我

在这里是面向程序员的高品质IT技术学习社区,是程序员学习成长的地方。让我们更好地用技术改变世界。请关注新浪微博号: IT国子监(http://weibo.com/itguozijian)

网易考拉推荐
GACHA精选

Android——permission之android:protectionLevel(转)  

2013-01-09 18:14:34|  分类: Android |  标签: |举报 |字号 订阅

  下载LOFTER 我的照片书  |
permission 又一个头疼的问题 研究了一整天哦! 
首先protectionLevel分为四级: 
"normal" 
The default value. A lower-risk permission that gives requesting applications access to isolated application-level features, with minimal risk to other applications, the system, or the user. The system automatically grants this type of permission to a requesting application at installation, without asking for the user's explicit approval (though the user always has the option to review these permissions before installing). 

"dangerous" 
A higher-risk permission that would give a requesting application access to private user data or control over the device that can negatively impact the user. Because this type of permission introduces potential risk, the system may not automatically grant it to the requesting application. For example, any dangerous permissions requested by an application may be displayed to the user and require confirmation before proceeding, or some other approach may be taken to avoid the user automatically allowing the use of such facilities. 

"signature" 
A permission that the system grants only if the requesting application is signed with the same certificate as the application that declared the permission. If the certificates match, the system automatically grants the permission without notifying the user or asking for the user's explicit approval. 

"signatureOrSystem" 
A permission that the system grants only to applications that are in the Android system image or that are signed with the same certificates as those in the system image. Please avoid using this option, as the signature protection level should be sufficient for most needs and works regardless of exactly where applications are installed. The "signatureOrSystem" permission is used for certain special situations where multiple vendors have applications built into a system image and need to share specific features explicitly because they are being built together. 

前面几个很好理解 
现在重点记忆下最后一个signatureOrSystem 顾名思义就是在拥有权限的同时还必须满足signature一致或System级别APK才拥有! 
现在做了如下尝试 

Test Result:
TestCustomPermission是我自定义了一个Activity的访问权限的APK
TestPermission 去访问TestCustomPermission的Activity


EclipseSignature 中两个都用eclipse的签名
OtherSignature 中两个都用相同的另一种签名
DifferentSignature 中两个签名不想同
以下是测试结果:

APP级别
权限设置为signatureOrSystem
1. EclipseSignature 成功访问 ! 可以加入权限!
2. OtherSignature 成功访问 ! 可以加入权限!
3. DifferentSignature  访问失败!

Java代码 
  1. 04-01 11:03:31.453: WARN/ActivityManager(58): Activity destroy timeout for HistoryRecord{43f38bb0 com.test.testpermission/.TestPermission}  
  2. 04-01 11:03:55.285: INFO/ActivityManager(58): Starting activity: Intent { act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] flg=0x10200000 cmp=com.test.testpermission/.TestPermission }  
  3. 04-01 11:03:55.365: INFO/ActivityManager(58): Start proc com.test.testpermission for activity com.test.testpermission/.TestPermission: pid=1273 uid=10037 gids={1015}  
  4. 04-01 11:03:55.876: WARN/Resources(1273): Converting to string: TypedValue{t=0x12/d=0x0 a=2 r=0x7f050000}  
  5. 04-01 11:03:56.026: INFO/ActivityManager(58): Displayed activity com.test.testpermission/.TestPermission: 672 ms (total 672 ms)  
  6. 04-01 11:03:57.305: INFO/ActivityManager(58): Starting activity: Intent { cmp=com.test.testcustompermission/.TestCustomPermission }  
  7. 04-01 11:03:57.305: WARN/ActivityManager(58): Permission Denial: starting Intent { cmp=com.test.testcustompermission/.TestCustomPermission } from ProcessRecord{43f9de88 1273:com.test.testpermission/10037} (pid=1273, uid=10037) requires com.test.TESTCUSTOMPERMISSION  
  8. 04-01 11:03:57.305: DEBUG/AndroidRuntime(1273): Shutting down VM  
  9. 04-01 11:03:57.315: WARN/dalvikvm(1273): threadid=1: thread exiting with uncaught exception (group=0x4001d800)  
  10. 04-01 11:03:57.325: ERROR/AndroidRuntime(1273): FATAL EXCEPTION: main  
  11. 04-01 11:03:57.325: ERROR/AndroidRuntime(1273): java.lang.SecurityException: Permission Denial: starting Intent { cmp=com.test.testcustompermission/.TestCustomPermission } from ProcessRecord{43f9de88 1273:com.test.testpermission/10037} (pid=1273, uid=10037) requires com.test.TESTCUSTOMPERMISSION  
  12. 04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at android.os.Parcel.readException(Parcel.java:1247)  
  13. 04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at android.os.Parcel.readException(Parcel.java:1235)  
  14. 04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at android.app.ActivityManagerProxy.startActivity(ActivityManagerNative.java:1298)  
  15. 04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at android.app.Instrumentation.execStartActivity(Instrumentation.java:1373)  
  16. 04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at android.app.Activity.startActivityForResult(Activity.java:2817)  
  17. 04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at android.app.Activity.startActivity(Activity.java:2923)  
  18. 04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at com.test.testpermission.TestPermission.onClick(TestPermission.java:27)  
  19. 04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at android.view.View.performClick(View.java:2408)  
  20. 04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at android.view.View$PerformClick.run(View.java:8816)  
  21. 04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at android.os.Handler.handleCallback(Handler.java:587)  
  22. 04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at android.os.Handler.dispatchMessage(Handler.java:92)  
  23. 04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at android.os.Looper.loop(Looper.java:123)  
  24. 04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at android.app.ActivityThread.main(ActivityThread.java:4627)  
  25. 04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at java.lang.reflect.Method.invokeNative(Native Method)  
  26. 04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at java.lang.reflect.Method.invoke(Method.java:521)  
  27. 04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:868)  
  28. 04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:626)  
  29. 04-01 11:03:57.325: ERROR/AndroidRuntime(1273):     at dalvik.system.NativeStart.main(Native Method)  
  30. 04-01 11:03:57.335: WARN/ActivityManager(58):   Force finishing activity com.test.testpermission/.TestPermission  
  31. 04-01 11:03:57.836: WARN/ActivityManager(58): Activity pause timeout for HistoryRecord{43fa0440 com.test.testpermission/.TestPermission}  
  32. 04-01 11:03:58.856: INFO/Process(1273): Sending signal. PID: 1273 SIG: 9  
  33. 04-01 11:03:58.876: INFO/ActivityManager(58): Process com.test.testpermission (pid 1273) has died.  
  34. 04-01 11:03:58.876: INFO/WindowManager(58): WIN DEATH: Window{4405d010 com.test.testpermission/com.test.testpermission.TestPermission paused=false}  
  35. 04-01 11:03:58.916: WARN/InputManagerService(58): Got RemoteException sending setActive(false) notification to pid 1273 uid 10037  
  36. 04-01 11:04:08.169: WARN/ActivityManager(58): Activity destroy timeout for HistoryRecord{43fa0440 com.test.testpermission/.TestPermission}  


权限设置为normal
1. DifferentSignature   成功访问 ! 可以加入权限!



System 级别
权限设置为signatureOrSystem
1. EclipseSignature 成功访问 ! 可以加入权限!
2. OtherSignature 成功访问 ! 可以加入权限!
3. DifferentSignature  成功访问 ! 可以加入权限!


TestCustomPermission再 system TestPermission 在APP
1.DifferentSignature 失败
2.签名相同成功!



最后一个实验
在TestCustomPermission中注册 signatureOrSystem!APP层访问 在framework API中验证!
  评论这张
 
阅读(1005)| 评论(0)
推荐 转载

历史上的今天

评论

<#--最新日志,群博日志--> <#--推荐日志--> <#--引用记录--> <#--博主推荐--> <#--随机阅读--> <#--首页推荐--> <#--历史上的今天--> <#--被推荐日志--> <#--上一篇,下一篇--> <#-- 热度 --> <#-- 网易新闻广告 --> <#--右边模块结构--> <#--评论模块结构--> <#--引用模块结构--> <#--博主发起的投票-->
 
 
 
 
 
 
 
 
 
 
 
 
 
 

页脚

网易公司版权所有 ©1997-2016