mobile sec 1b Flashcards
Intents
An Intent is a messaging object an app uses to request an
action from another app component.
– To start an activity
– To start a service
– Or to deliver a broadcast (any app will be able to receive it)
Two types of intents:
– Explicit intents: specify the component to start by name (the fully-qualified class name).
– Implicit intents: do not name a specific component, but
declare a general action to perform, which allows a
component from another app to handle it.
Intent Filters
• To advertise which implicit intents an app can
receive, declare one or more intent filters for each
component of the app.
– This is declared in the Manifest file for the app.
• Each intent filter specifies the type of intents it
accepts based on the intent’s action, data, and
category.
• The system will deliver an implicit intent to an app
component only if the intent can pass through one of
its intent filters.
Intent resolution
The system searches all apps for an intent filter that matches app A's intent. When a match
is found, the system passes the Intent to the matching target (app B).
Android Security: Kernel Security
Inherits features of Linux security.
App sandboxing via Linux user and group permissions:
– Each app is assigned a unique user ID (UID) at the Linux level.
– Each app is run as a process with effective UID of the user for the app.
– Process isolation features in Linux apply to apps, e.g., an app cannot
read/write another process's (app's) memory or files.
Android Security: Kernel Security: File system:
– File system permissions from Linux ensure an app cannot access files
owned by other apps.
– System partition (containing OS libraries, application runtime,
framework and applications) is set to read-only.
• SELinux enforcement (since Android 5.0) ensures further app
isolation in addition to user-group isolation.
Android Security: Kernel Security: “Rooting” of device:
– By default only the kernel and a small subset of applications run with root
permissions.
– User accessible apps do not have root permission by default.
– Granting root permission to user apps only possible by modifying the OS.
– Bootloaders of most Android devices are locked to prevent modification of the
OS. But some Android devices allow users to unlock it.
Android Security: Kernel Security: Device Administration:
Since Android 2.2, the Android OS includes a set of APIs for remote
administration.
– It can allow, e.g., an administrator to remotely wipe a device.
Android apps run in a sandbox and by default __________
they have limited
access to system resources.
The Android OS manages accesses to critical resources such as:
– camera functions, location data (GPS), Bluetooth, telephony,
SMS/MMS, network/data connections.
Requests for critical resources can be made through:
– Launching of activities of other apps (e.g., web browser, phone
app, etc).
– Using system-provided APIs.
– Sending (explicit/implicit) Intent objects
– Binding to services provided by other apps/components.
• Access to critical resources is guarded by permissions.
Android Permissions
Specify types of resources or services: internet, SMS, phone calls, read contacts, location (GPS), IMEI number, etc.
• Each app asks for the permissions it requires at install time.
Android Permissions
• Two types of permissions: normal permissions and dangerous permissions.
Android Permissions: Normal permissions:
– Permissions to access data or resources outside the app's sandbox, where
there is very little risk to the user's privacy or the operation of other apps.
– Examples: accessing internet (INTERNET), setting time zone (SET_TIME_ZONE),
information about wifi networks (ACCESS_WIFI_STATE).
Android Permissions: Dangerous permissions:
– Permissions to access data or resources that involve the user’s private
information, or could potentially affect the user’s stored data or the operation
of other apps.
– Examples: read contact data (READ_CONTACTS), access GPS data
(ACCESS_FINE_LOCATION).
• An app can also define its own custom permissions and set their
protection level (i.e., normal or dangerous).
Android Permissions
• Dangerous Permissions - say more
Permissions which could potentially affect the user's privacy or the device's operation. The user must explicitly agree to grant those permissions:
– accessing the camera,
– contacts,
– location,
– microphone, sensors, SMS, and storage.
Permission Groups
A permission can belong to a permission group.
• A permission group collects permissions related to
certain data/resource access, e.g.,
– Permission group CONTACTS consists of READ_CONTACTS,
WRITE_CONTACTS and GET_ACCOUNTS.
• A permission group is relevant only when enforcing
the granting/denial of a dangerous permission.
• All dangerous permissions belong to permission
groups.