How to restrict content provider data across applications

by

The easiest way is to protect the content provider with a permission you define. Make it a signature a permission so only apps signed with your certificate are allowed to get it.

See:

http://developer.android.com/guide/topics/security/security.html

http://developer.android.com/reference/android/R.styleable.html#AndroidManifestProvider

http://developer.android.com/guide/topics/manifest/provider-element.html

If doing this based on certificates is not sufficient, you will need to write the permission checks yourself. This is done by calling Binder.getCallingUid() for incoming calls to your applications, and deciding whether the given uid has permission to access your provider. Actually implementing a different policy that is actually secure requires a lot of careful thought and design, though.

More Related Contents:

  1. How to use support FileProvider for sharing content to other apps?
  2. CursorLoader usage without ContentProvider
  3. How to get camera result as a uri in data folder?
  4. Why does ContentResolver.requestSync not trigger a sync?
  5. Install shows error in console: INSTALL FAILED CONFLICTING PROVIDER
  6. Create and Share a File from Internal Storage
  7. Android KitKat (API 19) – How to write messages in SMS Content Provider, without sending them, from Non-Default App?
  8. How to implement a ContentObserver for call logs
  9. When to use a Content Provider
  10. Android error – close() was never explicitly called on database
  11. Using build types in Gradle to run same app that uses ContentProvider on one device
  12. Insertion of thousands of contact entries using applyBatch is slow
  13. CursorLoader not updating after data change
  14. How to use SMS content provider? Where are the docs?
  15. Multiple Apps use same content provider
  16. can we get chrome browsing history/bookmarks in our android app
  17. How to store large blobs in an android content provider?
  18. Closing the database in a ContentProvider
  19. get the last picture taken by user
  20. How to retrieve RCS messages from Android Devices
  21. What are the semantics of withValueBackReference?
  22. How to check database on not rooted android device
  23. how to get contact photo URI
  24. Possible to use multiple authorities with FileProvider?
  25. Content Provider INSTALL_FAILED_CONFLICTING_PROVIDER (installing content provider as a separate apk)
  26. How to get a contact’s facebook id or url from native contacts / content resolver?
  27. How to use ArrayAdapter
  28. How to set up Android emulator proxy settings
  29. Android SSL – SNI support
  30. Android – Preserve or delete files created by the application on uninstall

Leave a Comment