Lines Matching full:application
32 application security issues. The system is designed so you can typically build your apps with
38 <li>The Android Application Sandbox, which isolates your app data and code execution
40 <li>An application framework with robust implementations of common
49 <li>Application-defined permissions to control application data on a per-app basis.</li>
61 <p>The most common security concern for an application on Android is whether the data
85 application. For example, a key can be placed in a {@link java.security.KeyStore}
99 application, you should not store sensitive information using
114 to your own application or exported to allow access by other applications.
118 android:exported=false</a></code> in the application manifest. Otherwise, set the <code><a
191 <p>If it's possible to design your application in a way that does not require
194 href="{@docRoot}reference/java/util/UUID.html">GUID</a> for your application
199 <p>In addition to requesting permissions, your application can use the <a
234 as application performing the permission check.</p>
244 <li>Users may choose not to install an application because a permission is
286 worse than using loopback is to bind to INADDR_ANY since then your application
305 should expect that a malicious user may have sent the SMS to your application—Do
366 Finally, consider if there is a way that your application logic can be
368 application might use the hash of an an email address as a primary key, to
371 attempting to exploit your application.</p>
373 <p>If your application accesses personal information such as passwords or
379 <p>You should also consider whether your application might be inadvertently
381 for advertising or third-party services used by your application. If you don't
384 application will reduce the potential for problems in this area.</p>
392 application on the device through overly permissive IPC, world writable files,
405 to an application with the {@link android.Manifest.permission#READ_LOGS} permission.
422 the minimum functionality required by your application.</p>
424 <p>If your application does not directly use JavaScript within a {@link android.webkit.WebView}, do
427 application, so remove that method call if it's not required. By default,
439 addJavaScriptInterface()} only to JavaScript that is contained within your application APK.</p>
441 <p>If your application accesses sensitive data with a
445 headers like <code>no-cache</code> can also be used to indicate that an application should
470 credentials to the wrong application.</p>
473 can verify the application which accesses the {@link android.accounts.AccountManager} using
475 Alternatively, if only one application will use the credential, you might use a
523 the application connecting to your IPC and set security policy for each IPC
550 Depending on your application requirements, you might use {@link
553 or an explicit intent to a specific application component.</p>
586 application. However, if you add any intent filters to the service declaration, then it is exported
616 application manifest, and therefore you cannot apply declarative permissions
618 application manifest for the {@link android.app.Service} or {@link
630 application is passed to other interfaces. If invoking an interface provided
634 If calling an interface provided locally by your own application, it may be
649 application. If your {@link android.content.BroadcastReceiver}
653 <receiver></a></code> element within the application manifest. This will
666 <p>We strongly discourage loading code from outside of your application APK.
667 Doing so significantly increases the likelihood of application compromise due
669 management and application testing. Finally, it can make it impossible to
670 verify the behavior of an application, so it may be prohibited in some
673 <p>If your application does dynamically load code, the most important thing to
675 security permissions as the application APK. The user made a decision to
676 install your application based on your identity, and they are expecting that
677 you provide any code run within the application, including code that is
688 the content in transit, or another application on a users device to modify the
700 Your application runs in a secure sandbox environment, so other processes on the system cannnot
721 Android, the Dalvik VM is not a security boundary—the application sandbox is
723 same application without any security constraints.</li>
727 doing this, consider both the source where you retrieve your application logic
738 application development, rather than using native code with the
752 Application Sandbox. On Android, all applications run in the Application
755 every application is given a unique <acronym title="User Identifier">UID</acronym>
758 Overview</a> and you should be familiar with application permissions even if
