On Fri, May 25, 2012 at 10:31 AM, Latimerius <l4t1m3r...@googlemail.com> wrote: > Am I messing up somewhere, or is this the expected outcome?
You believe that all data is created equal. :-) While egalitarian, it is inaccurate. You appear to be conflating: -- resources & assets -- internal storage -- external storage An app's reesources & assets are world-readable (i.e., any app on the device can read them). An app's internal storage, by default, is private to the app's own user ID. Anything on external storage is world-readable (and world-writeable, for the portion of the world that holds the WRITE_EXTERNAL_STORAGE permission). > Or, does > it work because both applications are (probably - I'm not totally sure > what Eclipse does behind the scenes while creating and building > projects) signed with same key? No. > I might also be misreading the Dev > Guide security docs when they refer to "application data" - does that > mean stuff in assets/ or res/, or just anything an application writes > to the SD card (should I say "external storage")? Neither -- see above. > Also, does it mean anybody can read my assets/ if they know the file name? Yes, and your resources as well. -- Mark Murphy (a Commons Guy) http://commonsware.com | http://github.com/commonsguy http://commonsware.com/blog | http://twitter.com/commonsguy Android Training...At Your Office: http://commonsware.com/training -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en