On Mar 9, 4:35 pm, Dianne Hackborn <[email protected]> wrote: > On Wed, Mar 9, 2011 at 12:58 PM, peterw <[email protected]> wrote: > > Also it would be great if this could be used to disallow access to > > certain core apps. ... > > that the core apps are probably the most dangerous, since they're the > > only ones that can't be upgraded easily. > > What in the world does that have to do with modifying the package manager??
I understand Anurag's core point to be "It would be nice if we could limit what 3rd party apps are allowed to be used." And my thinking is "It would be nice if we could limit what apps are allowed to be used, including 'core' apps." Sure, you couldn't implement an APK/installer check inside the package manager for core apps given the current architecture (reminds me of Windows 98: hey, you can't uninstall IE, it's required!!!). But I don't think Anurag is talking about the package manager per se, he's talking about how to limit what 3rd party apps can be used. Take a step back and consider the big picture. You (Google/ Android.com) can't reliably update core apps to anything other than your own Google Nexus brand phones since you have to work through at least the handset vendor, and often (in countries like the US), the cell phone company, too. If you can't guarantee that our Android devices' WebKit browsers or POP3 clients or Calendar apps or whatever have the latest security fixes, then give us a way to ensure that our users can't use those apps. Imagine being able to configure Windows 7 to disallow use of the core IE8 browser, but allow Google Chrome. Same basic idea. -Peter -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
