Here, "transaction" refers to a Binder IPC call. IPC in Android is largely Binder IPC and the Binder framework implements a synchronous RPC pattern; that's where the term "transaction" comes from.
In Android's current architecture, content providers are (almost) always invoked via Binder IPC, i.e. query/update/delete are all triggering Binder IPC calls. The only time, when this isn't really *inter-process*, is when Content Provider and the calling application are executed with a shared unix user id (i.e. Content Provider and caller are within the same application and/or Content Provider and caller are using the shared uid feature); however, even in these cases the call is handled by the Binder framework and getCallingUid() should return the caller's uid (which is then equivalent to the Content Provider's uid, obviously). -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To view this discussion on the web visit https://groups.google.com/d/msg/android-security-discuss/-/MSXDlvUbpI8J. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
