When you declare an intent receiver in a manifest (or register one in
the API), you can specify the permission required by someone to be
able to send to it.  When you define that permission, you can say it
can only be held by applications signed with the same certificate as
your own.

Basic information on these kind of security issues is here:
http://code.google.com/android/devel/security.html

On Nov 16, 4:50 pm, filosofico <[EMAIL PROTECTED]> wrote:
> Greetings to everyone,
> I am extending the platform for another kind of hardware where it is
> assumed that applications can take actions that may be dangerous.
> Therefore it is essential that only applications verified by the
> manufacturer can perform dangerous operations. For all other
> applications will remain the original policies of Android. It is not
> my intention devalues the openess of Android, but safety, in my case,
> is of vital importance.
>
> For reasons of modularity and adherence to the original architecture,
> requests that applications make to my hardware are injected into the
> system as Intent (...).
>
> Supposing that Intents that request dangerous actions are handled by a
> specialized "content provider"
> My question is if there is a way (using only what's provided by the
> framework of SDK1.0):
> * to ensure that only trusted applications can deliver particular
> types of Intent (...)?
> or
> * to verify (for example by the specialized "content provider" as
> above) that the origin of Intent is a trusted application (through the
> signature of the package, for example, etc)?
>
> Thanks to all who want to attend their time,
> see you soon
>
> Filippo P.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"android-framework" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/android-framework?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to