On Sat, Jul 10, 2010 at 4:47 AM, Raj <[email protected]> wrote:
> So I need to know the "identity", which i think in Android's case is > the package name with which the clients are installed (I'm assuming no > two applications will be allowed to be installed with the same package > name in Android - is this correct?). > Package name is NOT a secure identity. Only one package with a given name can be installed, but nothing prevents someone from writing another package with the same name and installing it -instead-. The global secure identity for an app is its package name + signing cert. For purely running on a particular device, the uid is the security sandbox level, so the only thing you need to deal with to ensure security. The only thing you'd need to take care of is remove information about a uid when it gets uninstalled (There's a Broadcast For That(tm)), so that when a new app gets installed with that same (no longer used) uid you don't confuse it with the old app. -- Dianne Hackborn Android framework engineer [email protected] Note: please don't send private questions to me, as I don't have time to provide private support, and so won't reply to such e-mails. All such questions should be posted on public forums, where I and others can see and answer them.
