A new application needs to be signed with the same certificate as the old one to be able to update it.
On Thu, Jun 10, 2010 at 3:43 PM, Pragati Ogal Rai <[email protected]>wrote: > Consider a scenario where an app is pre-installed by the manufacturer. > Now the developer can create an updated app and puts it on the market > signed with developer's own certificate. The users of the pre- > installed app can upgrade it. This is all good. But what if someone > else besides the original developer (read hacker) place their app with > the same name in Android Market. Can users still upgrade their pre- > installed app and get around SystemOrSignature permissions. > > > > On Jun 4, 4:14 pm, Dianne Hackborn <[email protected]> wrote: > > An application signed with a platform cert can't be placed on Market, > > because each device has its own platform cert. > > > > An application developer that wants to use these permissions needs to be > > working with a device manufacturer to have the app pre-installed; given > > that, you can just be pre-installed on the system image and thus be > granted > > this type of permission without needing to be signed with a special cert. > > (This also means you can place your app, signed with your own cert, on > > Market, and deliver updates to it even to devices that are pre-installed, > > like Google Maps does. When the update is applied, you can continue to > have > > whatever permissions you were originally granted as an app pre-installed > in > > the system. Of course users could still install your app on a device > where > > it wasn't pre-installed, so such an app needs to be able to run in some > way > > in situations where it doesn't get the permission.) > > > > > > > > > > > > On Fri, Jun 4, 2010 at 1:45 PM, ivan <[email protected]> wrote: > > > Hello, > > > > > I'm writing an extensive application that's going to require the > > > downloading of media content. > > > > > I've learned a little about the DownloadProvider that requires > > > signatureOrSystem permissions. > > > > > I'm assuming to be signed by the system signature one must negotiate > > > with Google and the OEM (or something like that). > > > > > Is this correct? > > > > > Can someone please explain the process of creating an application with > > > signatureOrSystem permissions that can access the DownloadProvider? > > > Please note that this is an application meant for Google Market. > > > > > Thanks. > > > > -- > > Dianne Hackborn > > Android framework engineer > > [email protected] > > > > Note: please don't send private questions to me, as I don't have time to > > provide private support, and so won't reply to such e-mails. All such > > questions should be posted on public forums, where I and others can see > and > > answer them.- Hide quoted text - > > > > - Show quoted text - > -- Dianne Hackborn Android framework engineer [email protected] Note: please don't send private questions to me, as I don't have time to provide private support, and so won't reply to such e-mails. All such questions should be posted on public forums, where I and others can see and answer them.
