100% agree with Jon.
It's because of these fundamental problems that we removed support for the
SecurityManager in Android. If you attempt to set a security manager in
Android, it will throw a SecurityException.
http://developer.android.com/reference/java/lang/System.html#setSecurityManager(java.
Good point, Jon. I could also add that AccountManager can be used to
implement a custom service. It can be easier for ordinary users to install
- they would just need to create a new account type with parameters.
Account implementention would contain all services running as a separate
process.
Yet
It's simply not possible to prevent applications from inspecting variables
inside of a library that's loaded into their own process. Since there's no
default SecurityManager, an app could use reflection to modify the
protection flags on a class, method, or field (i.e., change a private field
to pub
I want to build a Java library and give to developer community to develop
Android app. Now how can I prevent the user from looking at run time
variables inside the library.
We do have standard Java protection mechanisms, but how can we make the
solution fool proof.
Thanks
--
You received this me
