On Mon, May 26, 2014 at 10:19 AM, Eyal Bellisha <[email protected]> wrote: > The platform has several keys that sign apps during build time (platform, > shared, media. etc.) > One of those keys is the shared key. > For what purpose do apps like Dialer ,Contacts and the Launcher need to be > signed with the same key? > (Launcher and Contacts , for example, don't have a sharedUserId so I don't > see why not use different keys for each) I believe there are three or four platform keys. I'm not aware that any of them are shared or symmetric keys. As far as I recall, they are are public/private key pairs.
sharedUserId is for resource sharing among processes in userland. The apps must be signed under the same signing key and then they can share data and other resources. signatureOrSystem permission is the hammer that bypasses ACL and other checks (some hand waiving). I shake my head when a carrier bundles <some app> and gives it signatureOrSystem. A really good presentation by Marko Gargenta: http://www.youtube.com/watch?v=NS46492qyJ8. Jeff -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/android-security-discuss. For more options, visit https://groups.google.com/d/optout.
