I understand "don't do this"... trust me I don't want to, but it
doesn't answer the question if it will work in a market app.
The rationale behind it, is that the rendering implementations between
1.5 and newer versions forward have a minor change with a large impact
with regards to Z ordering. Since bug fixes aren't back ported there
needs to be some way to intercept the call and correct it. I
understand it's fragile however it's only meant to support 1.5, which
as much as it gets neglected, still has a decent amount of people
using it. We use a wrapper around WindowSession to correct the Z
ordering on calls to relayout().
Again, trust me, the fragility is known. However a better rationale
is, that when this app, that as you said "will likely break," ...
breaks, it would be assumed that support for the broken version of the
OS would also be dropped ;)
-Greg
On Jun 16, 6:57 pm, Dianne Hackborn wrote:
> Don't do this. This is not a security issue at all; it just makes an app
> that will likely break itself.
>
> On Wed, Jun 16, 2010 at 12:47 PM, Greg Giacovelli wrote:
>
>
>
>
>
> > Hi,
> > So I came across this today and was wondering does this work in
> > production app or does it merely work because my phone allows non
> > market apks.
>
> > Here is an example,
> > Take a class like, android.view.IWindow, and copy it's source into
> > your project and recompile it after changing a few things. (Don't
> > rename or repackage it).
>
> > Now when your APK loads in the VM, something odd happens.
>
> > 06-15 23:30:32.148: DEBUG/installd(555): DexInv: --- BEGIN '/data/app/
> > vmdl22987.tmp' ---
> > 06-15 23:30:32.818: DEBUG/dalvikvm(1062): DexOpt: 'Landroid/view/
> > IWindow;' has an earlier definition; blocking out
> > 06-15 23:30:32.818: DEBUG/dalvikvm(1062): DexOpt: 'Landroid/view/
> > IWindowSession;' has an earlier definition; blocking out
> > 06-15 23:30:33.218: DEBUG/dalvikvm(1062): DexOpt: not verifying
> > 'Landroid/view/IWindow;': multiple definitions
> > 06-15 23:30:33.218: DEBUG/dalvikvm(1062): DexOpt: not verifying
> > 'Landroid/view/IWindowSession;': multiple definitions
>
> > So the logging is a little ambiguous, but is it saying that the
> > classes in this APK are blocking out previous versions and that these
> > new classes aren't being verified. If so I hope this is only
> > succeeding because as developers most targets are in development mode
> > when allowing non market apks (non rooted phones). However does this
> > work in market released apps as well? This seems like a really nasty
> > security exploit if I can override system interfaces just for my
> > application.
>
> > -Greg
>
> > -Greg
>
> > --
> > You received this message because you are subscribed to the Google
> > Groups "Android Developers" group.
> > To post to this group, send email to android-developers@googlegroups.com
> > To unsubscribe from this group, send email to
> > android-developers+unsubscr...@googlegroups.com > cr...@googlegroups.com>
> > For more options, visit this group at
> >http://groups.google.com/group/android-developers?hl=en
>
> --
> Dianne Hackborn
> Android framework engineer
> hack...@android.com
>
> Note: please don't send private questions to me, as I don't have time to
> provide private support, and so won't reply to such e-mails. All such
> questions should be posted on public forums, where I and others can see and
> answer them.
--
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en
