如何限制在整个应用程序的内容提供者数据 [英] How to restrict content provider data across applications

问题描述

我们如何才能确保某些应用程序无法访问存储在内容提供商我的数​​据，其中在某些其他应用程序可以访问？基本上，我需要让我的一些感兴趣的应用程序来访问存储在内容提供商我的数​​据，但我不希望所有的应用程序能够访问这些数据。我怎样才能做到这一点？

How can we ensure that certain applications are not able to access my data stored in content provider where in certain other applications can access that? Basically I need to allow some application of my interest to access my data stored in Content Provider but I do not want all the applications to be able to access that data. How can I achieve this?

感谢。

推荐答案

最简单的方法就是以保护您定义的许可内容提供商。使它成为一个签名，以便只应用程序与你的证书签名的许可，被允许得到它。

The easiest way is to protect the content provider with a permission you define. Make it a signature a permission so only apps signed with your certificate are allowed to get it.

请参阅：

<一个href="http://developer.android.com/guide/topics/security/security.html">http://developer.android.com/guide/topics/security/security.html

<一个href="http://developer.android.com/reference/android/R.styleable.html#AndroidManifestProvider">http://developer.android.com/reference/android/R.styleable.html#AndroidManifestProvider

<一个href="http://developer.android.com/guide/topics/manifest/provider-element.html">http://developer.android.com/guide/topics/manifest/provider-element.html

如果这样做基于证书是不够的，你需要写权限检查自己。这是通过调用Binder.getCallingUid（）的来电转接至您的应用程序，并决定给定的UID是否有权访问你的供应商完成。实际执行不同的策略，实际上是安全的需要大量认真思考和设计，虽然。

If doing this based on certificates is not sufficient, you will need to write the permission checks yourself. This is done by calling Binder.getCallingUid() for incoming calls to your applications, and deciding whether the given uid has permission to access your provider. Actually implementing a different policy that is actually secure requires a lot of careful thought and design, though.

这篇关于如何限制在整个应用程序的内容提供者数据的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！