On Tue, Aug 25, 2009 at 3:46 PM, salza <[email protected]> wrote:
>
> Thanks for your answer.
>
> I have some questions to your explanation:
>
> > 1) security. No other OS has the underlying security of android where
> > each program is run under its own user account.
>
> What is that own user account? Do you mean that every thread gets an
> own instance of the Dalvik VM?
>

It's a Unix user account, so each app has its own private directory that can't be snooped / overwritten / corrupted by other applications. Of course, there are several ways to share data between applications, depending on the level of flexibility and/or security you need, but if an app wants to keep its data private, it should.

Each application gets its own Dalvik VM. Certain system services also run under their own user account that has fewer privileges than the system one. A good example is the media_server process where media files are decoded. It is actually very frequent for codec code to be written for speed instead of security, and thus security issues are expected. By running this code in a restricted process, we significantly limit the attack surface of the system (since nearly all media files come from the user or the net). Same goes for the browser process, which can't read your Contacts database, in case a really malicious thing happens.

Application packages must provide a manifest which explains which permissions they require to the system, and these must be approved by the user at installation time. If the application tries to do something it is not authorized to do, an error or exception will happen, and that's about it. The rest of the system will be unaffected.

The user is in charge of deciding what and what not to install, instead of some obscure evaluation team with emotional mood swings, or forcing the developer to pay huge amounts of cash to do something simple. And this is also part of the platform's freedom by the way.

> Can you only change the applications in the application layer
> (referring to the Android architecture) or can you as a developer even
> deliver new libraries that will change the OS? I see there a conflict
> with the terms of condition:

You can write/add/remove applications at will. You can also write services that will run in the background, or be available to other applications. You can also distribute your application packages any way you want.

However, changing the system's libraries is not normally possible on production devices. Note that Android provides infrastructure to allow applications to replace certain system components. That's why there are alternative home applications, dialers, contacts managers, available that replace the default ones.

And also manufacturers are free to customize all this.

>
> 3.3 Except to the extent required by applicable third party licenses,
> you may not copy (except for backup purposes), modify, adapt,
> redistribute, decompile, reverse engineer, disassemble, or create
> derivative works of the SDK or any part of the SDK. Except to the
> extent required by applicable third party licenses, you may not load
> any part of the SDK onto a mobile handset or any other hardware device
> except a personal computer, combine any part of the SDK with other
> software, or distribute any software or device incorporating a part of
> the SDK.
>

This applies to the system images distributed specifically with the Android SDK, because some of them contain proprietary Google-specific bits. However, you can rebuild a system image from the official open sources and have it run in the emulator just fine.

Having it running on a device is a little more problematic because you'll need proprietary binary blobs corresponding to hardware-specific support libraries. However, there are several ways to get them (e.g. downloading original images for the Dream/Magic on HTC's site), and it is a purely hardware-specific problem.
You received this message because you are subscribed to the Google Groups "Android Discuss" group.
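
Added illustration, not part of the original message and not Android's own code: a small model of the Unix owner/group/other check that the reply relies on when it says one app's UID cannot read another app's private files. The paths, package names, UIDs and modes are constructed sample values.

```python
import posixpath
import stat

R, W, X = 4, 2, 1

# Constructed sample data: path -> (owner uid, owner gid, st_mode).
# Package names, UIDs and modes are made up; one UID per app, as the post describes.
BROWSER, CONTACTS = 10012, 10004
FS = {
    "/data/data": (1000, 1000, 0o40771),
    "/data/data/com.example.contacts": (CONTACTS, CONTACTS, 0o40751),
    "/data/data/com.example.contacts/contacts.db": (CONTACTS, CONTACTS, 0o100660),
    "/data/data/com.example.browser": (BROWSER, BROWSER, 0o40751),
    "/data/data/com.example.browser/cache.db": (BROWSER, BROWSER, 0o100660),
    "/data/data/com.example.browser/shared.txt": (BROWSER, BROWSER, 0o100644),
}

def allowed(uid, gids, path, want):
    """Unix permission check on one inode: exactly one triplet applies
    (owner, else group, else other). The uid 0 bypass is not modelled."""
    owner, group, mode = FS[path]
    if uid == owner:
        bits = mode >> 6
    elif group in gids:
        bits = mode >> 3
    else:
        bits = mode
    return ((bits & 7) & want) == want

def can_open(uid, gids, path, want):
    """Opening a file needs search (x) on every ancestor directory, then `want` on it."""
    parent = posixpath.dirname(path)
    while parent in FS:
        if not allowed(uid, gids, parent, X):
            return False
        parent = posixpath.dirname(parent)
    return allowed(uid, gids, path, want)

def reachable(uid, gids, want=R):
    """Regular files owned by other UIDs that this UID can still open."""
    return sorted(p for p, (owner, _, mode) in FS.items()
                  if owner != uid and stat.S_ISREG(mode)
                  and can_open(uid, gids, p, want))

if __name__ == "__main__":
    print("browser can read:", reachable(BROWSER, {BROWSER}))
    print("contacts app can read:", reachable(CONTACTS, {CONTACTS}))
```

Running `reachable` for every app UID against a real listing of modes and owners is a quick way to spot files that an app has left open to other UIDs.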
