Thanks you all for your responses. As per the Dianne's suggestion, my understanding is as follows. Please do let me know if this is correct:
1. Android has two installers: a) The default installer, which performs the digital security check and allows applications to get installed only from Android Marketplace and b) The Side-loading installer, that does not perform a digital security check and allows any application to get installed. 2. To enable the Side-loading installer, check the "Unknown Sources" option under "Settings -> Applications" in Android. 3. This would disable Android's default application installer (1.a), as only one of the installer is enabled at a time. Code-wise, the code in Android that corresponds to the default installer (PackageManagerService ?) is now no longer executed. 4. Now, when any application is installed, the code corresponding to the Side-loading installer that gets executed is "PackageInstallerActivity.java", which is located in the folder "\mydroid\packages\apps\PackageInstaller\src\com\android \packageinstaller"? 5. "PackageInstallerActivity.java" would need to be updated to add the customized digital certificate check functionality? Anurag -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
