Hi,
So I came across this today and was wondering: does this work in a
production app, or does it merely work because my phone allows
non-market APKs?

Here is an example,
Take a class like android.view.IWindow, copy its source into
your project, and recompile it after changing a few things. (Don't
rename or repackage it.)

Now when your APK loads in the VM, something odd happens.

06-15 23:30:32.148: DEBUG/installd(555): DexInv: --- BEGIN '/data/app/vmdl22987.tmp' ---
06-15 23:30:32.818: DEBUG/dalvikvm(1062): DexOpt: 'Landroid/view/IWindow;' has an earlier definition; blocking out
06-15 23:30:32.818: DEBUG/dalvikvm(1062): DexOpt: 'Landroid/view/IWindowSession;' has an earlier definition; blocking out
06-15 23:30:33.218: DEBUG/dalvikvm(1062): DexOpt: not verifying 'Landroid/view/IWindow;': multiple definitions
06-15 23:30:33.218: DEBUG/dalvikvm(1062): DexOpt: not verifying 'Landroid/view/IWindowSession;': multiple definitions

So the logging is a little ambiguous, but is it saying that the
classes in this APK are blocking out previous versions and that these
new classes aren't being verified? If so, I hope this is only
succeeding because, as developers, most targets are in development mode
when allowing non-market APKs (non-rooted phones). However, does this
work in market-released apps as well? This seems like a really nasty
security exploit if I can override system interfaces just for my
application.

-Greg
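
Added example, not part of the post above: a Python filter that scans logcat text in the format shown in the post for the two DexOpt duplicate-definition messages and reports, per file being optimized, which platform-namespace classes they name. The prefix list and the last two sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Assumption: package prefixes treated as platform namespaces for triage.
PLATFORM_PREFIXES = ("android.", "java.", "javax.", "dalvik.", "com.android.internal.")

# Logcat layout as shown in the post: "MM-DD HH:MM:SS.mmm: LEVEL/tag(pid): message"
LINE_RE = re.compile(r"^\S+ \S+: \w+/(?P<tag>[\w.]+)\(\s*\d+\): (?P<msg>.*)$")
BEGIN_RE = re.compile(r"DexInv: --- BEGIN '(?P<path>[^']+)' ---")
DUP_RE = re.compile(r"DexOpt: (?:not verifying )?'L(?P<desc>[^;']+);'(?P<rest>.*)")
KINDS = {" has an earlier definition; blocking out": "blocked-out",
         ": multiple definitions": "not-verified"}

# First five lines are the log from the post (unwrapped); the last two are constructed.
SAMPLE_LOG = """\
06-15 23:30:32.148: DEBUG/installd(555): DexInv: --- BEGIN '/data/app/vmdl22987.tmp' ---
06-15 23:30:32.818: DEBUG/dalvikvm(1062): DexOpt: 'Landroid/view/IWindow;' has an earlier definition; blocking out
06-15 23:30:32.818: DEBUG/dalvikvm(1062): DexOpt: 'Landroid/view/IWindowSession;' has an earlier definition; blocking out
06-15 23:30:33.218: DEBUG/dalvikvm(1062): DexOpt: not verifying 'Landroid/view/IWindow;': multiple definitions
06-15 23:30:33.218: DEBUG/dalvikvm(1062): DexOpt: not verifying 'Landroid/view/IWindowSession;': multiple definitions
06-15 23:31:10.100: DEBUG/installd(555): DexInv: --- BEGIN '/data/app/vmdl00001.tmp' ---
06-15 23:31:10.400: DEBUG/dalvikvm(1070): DexOpt: 'Lcom/example/util/Strings;' has an earlier definition; blocking out
"""

def duplicate_platform_classes(log_text):
    """Return {optimized file: {class name: [message kinds]}} for platform-namespace classes."""
    report = defaultdict(lambda: defaultdict(set))
    current = "<unknown>"  # no DexInv BEGIN line seen yet
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        begin = BEGIN_RE.search(m["msg"])
        if m["tag"] == "installd" and begin:
            current = begin["path"]  # later DexOpt lines belong to this file
            continue
        dup = DUP_RE.match(m["msg"]) if m["tag"] == "dalvikvm" else None
        kind = KINDS.get(dup["rest"]) if dup else None
        if kind is None:
            continue
        name = dup["desc"].replace("/", ".")  # class descriptor -> dotted name
        if name.startswith(PLATFORM_PREFIXES):
            report[current][name].add(kind)
    return {f: {c: sorted(k) for c, k in cls.items()} for f, cls in report.items()}

if __name__ == "__main__":
    for path, classes in duplicate_platform_classes(SAMPLE_LOG).items():
        for cls, kinds in sorted(classes.items()):
            print(f"{path}: {cls} -> {', '.join(kinds)}")
```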

-- 
You received this message because you are subscribed to the Google
Groups "Android Developers" group.