WearableListenerService的权限 [英] Permissions for a WearableListenerService
问题描述
我已经实现了 android:exported = true (或完全不声明,而默认为 true ),因为它是由Google Play服务启动的。系统上的任何应用都可以调用没有权限的导出服务,但是我找不到添加到服务声明中以确保其安全的正确权限。我已经查看了具有 pm列表权限的手机和Wear设备上的权限,但看不到任何需要的东西。
I've implemented a WearableListenerService in both my main app and the companion Wear app. In the manifests, the service needs to be declared as android:exported="true" (or not declared at all and left to default to true) since it's started by Google Play Services. An exported service with no permissions can be called by any app on the system, but I can't find the correct permission to add to the service declaration to secure it. I've looked through the permissions on both the phone and the Wear device with pm list permissions but I don't see anything that looks like what I need.
- 是否可以/应该添加权限以保护我的服务?
- 如果没有,是否通过检查调用方的程序包名称来手动保护服务的好主意?
推荐答案
了解如何在Android Wear上实现WearableListenerService的最佳方法是查看SDK提供的现有示例之一。如果您查看包含在$ SDK / samples / android-20 / wearable / DataLayer中的DataLayer示例,它可以完全实现您想要的操作。
The best way to see how to implement a WearableListenerService on Android Wear is to look at one of the existing samples provided by the SDK. If you look at the DataLayer sample included at $SDK/samples/android-20/wearable/DataLayer it has a full implementation of what you are wanting to do.
如果您在AndroidManifest.xml中查看可穿戴设备的一侧,就会看到以下内容:
If you look in the AndroidManifest.xml for the wearable side, you can see it has the following:
<meta-data
android:name="com.google.android.gms.version"
android:value="@integer/google_play_services_version" />
<service
android:name=".DataLayerListenerService" >
<intent-filter>
<action android:name="com.google.android.gms.wearable.BIND_LISTENER" />
</intent-filter>
</service>
出于安全考虑...当我们在清单中声明服务并为其添加过滤器时,它会自动成为导出服务。因此,一般而言,其他应用可以绑定到该服务。在WearableListenerService的情况下,框架中会进行安全检查,以确保与其绑定的代理是Google Play服务,因此,除非应用程序开发人员公开其他意图过滤器,否则其他人都无法真正绑定到该服务。
For your security concerns ... When we declare a service in manifest and add a filter to it, it automatically becomes an exported service. So in general, other apps can bind to that service. In case of WearableListenerService, there is a security check that happens in the framework to make sure that the agent binding to that is Google Play Services so no one else can really bind to that service, unless the app developer exposes other intent filters in which case the intention is for others to access it.
因此,如果您以与Wear SDK示例相同的方式实现代码,则您的应用程序应该是安全的,并且您不需要担心任何额外的权限等。
So if you implement your code in the same way as the Wear SDK samples, your app should be secure and you do not need to worry about any extra permissions, etc.
这篇关于WearableListenerService的权限的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
