Android AIDL Security

Is there any protection when an application calls a remote service using AIDL? Or is it just how a malicious application can read data?

+4
3 answers

On Android, one process usually cannot access the memory of another process.

When you bind to an application through an AIDL interface, the system establishes a connection between the two processes. Thus, only those two applications can read information that is shared through the AIDL interface.

If you want to be sure, you have to do an extra check in onBind(Intent intent) to make sure it is your own application that connects.

Tip: Read the first part of this page: http://developer.android.com/guide/components/aidl.html

+2

You can always filter your methods to restrict allowed packages. Throw a SecurityException if the package does not have permission:

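    Collection<String> callingPackages = getCallingPackages();
    // A null result (UID 0 or no package found) is rejected as well.
    if (callingPackages == null || !callingPackages.contains("yourpackagename")) {
        throw new SecurityException("Calling package is not allowed");
    }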

And getCallingPackages

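    // Lists is Guava's com.google.common.collect.Lists.
    private Collection<String> getCallingPackages() {
        // UID of the process that made the current Binder call.
        int caller = Binder.getCallingUid();
        if (caller == 0) {
            return null;
        }
        // getPackagesForUid() returns null when no package maps to the UID.
        String[] packages = mContext.getPackageManager().getPackagesForUid(caller);
        return packages == null ? null : Lists.newArrayList(packages);
    }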
+1
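As an added example (not code from any of the answers), the per-call check can compare the caller's signing certificate with the service's own instead of matching a package name, which covers the "only my own application may connect" case. The interface `IRemoteData`, its method `getSecret()` and the class `RemoteDataService` are hypothetical names chosen for illustration.

```java
// Assumed AIDL file (hypothetical), IRemoteData.aidl:
//   interface IRemoteData { String getSecret(); }

import android.app.Service;
import android.content.Intent;
import android.content.pm.PackageManager;
import android.os.Binder;
import android.os.IBinder;
import android.os.Process;

public class RemoteDataService extends Service {

    // Reject any Binder caller whose UID is not signed with this app's key.
    private void enforceSameSigner() {
        int callerUid = Binder.getCallingUid();
        if (callerUid == Process.myUid()) {
            return; // call came from our own app
        }
        int result = getPackageManager()
                .checkSignatures(Process.myUid(), callerUid);
        if (result != PackageManager.SIGNATURE_MATCH) {
            // SecurityException is marshalled back to the remote caller.
            throw new SecurityException(
                    "Caller UID " + callerUid + " is not signed by this app's key");
        }
    }

    private final IRemoteData.Stub binder = new IRemoteData.Stub() {
        @Override
        public String getSecret() {
            // Runs on the Binder thread that handles the incoming call, so
            // getCallingUid() reports the real caller. Check before any
            // Binder.clearCallingIdentity().
            enforceSameSigner();
            return "data for trusted callers only"; // constructed sample value
        }
    };

    @Override
    public IBinder onBind(Intent intent) {
        return binder;
    }
}
```

Declaring a permission with `android:protectionLevel="signature"` and setting it as the service's `android:permission` in the manifest enforces the same restriction declaratively.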

In addition, when connecting to a remote service, specify the name of the application package in which the service is running.

Like this:

    Intent serviceIntent = new Intent("com.android.vending.billing.InAppBillingService.BIND");
    // Restrict resolution to the package that is expected to host the service.
    serviceIntent.setPackage("com.android.vending");
    bindService(serviceIntent, mServiceConn, Context.BIND_AUTO_CREATE);

Attention: To make sure your application is secure, always use an explicit intent when starting a service and do not declare intent filters for your services. Using an implicit intent to start a service is a security risk because you cannot be sure which service will respond to the intent, and the user cannot see which service is starting. Starting with Android 5.0 (API level 21), the system throws an exception if you call bindService() with an implicit intent.

0

Source: https://habr.com/ru/post/1432634/

