设置应用程序如何启动应用程序的未导出活动? [英] How Can the Settings App Start an App's Non-Exported Activity?
问题描述
Android N可让您将自己的活动链接到以下位置的应用程序页面
设定.只需为android.intent.action.APPLICATION_PREFERENCES
添加一个<intent-filter>
. Android N的设置"应用将在您的应用中查找活动
有那个<intent-filter>
.如果设置"找到一个齿轮,它将添加一个齿轮
设置中您应用页面的图标,如果用户点击齿轮,他们会
将被带到您指定的活动中.
Android N lets you link an activity of yours into your app's page in
Settings. Just add an <intent-filter>
for android.intent.action.APPLICATION_PREFERENCES
. Android N's Settings app will look for the activity in your app that
has that <intent-filter>
. If Settings finds one, it will add a gear
icon to your app's page in Settings, and if the user taps the gear, they
will be taken to your designated activity.
我担心安全性,因此提出了问题,以寻找我们可以与android:permission
一起使用的权限,以允许设置"开始我们的活动,但不允许其他应用程序开始我们的活动(例如,WRITE_SECURE_SETTINGS
).
I was worried about security, and so I filed an issue, looking for a permission we could use with android:permission
to allow Settings to start our activity, but not allow other apps to start our activity (e.g., WRITE_SECURE_SETTINGS
).
cketti然后指出您可以通过android:exported="false"
.令我大吃一惊的是.
cketti then pointed out that you could just mark the activity as not exported, via android:exported="false"
. Much to my surprise, this works.
设置"应用程序如何启动标记为未导出的活动?
How can the Settings app start an activity that is marked as not exported?
我当然可以看到有一个控制此权限的权限.但是,可以快速阅读设置"应用的清单( master分支, n-developer-preview-5 分支)没有发现任何明显的结果.
I can certainly see there being a permission that controls this. However, a quick read of the Settings app's manifest (master branch, n-developer-preview-5 branch) didn't turn up anything obvious.
所以:
-
是否存在允许一个应用程序启动另一个应用程序的未导出组件的权限?如果是这样,那是什么?
Is there a permission that allows an app to start a non-exported component of another app? If so, which is it?
如果没有,设置"如何将其取消?
If not, how is Settings pulling this off?
推荐答案
我想清单中没有任何东西可以使应用程序有权调用导出的活动.我相信要实现此目的的方式是通过在Android应用程序的Android.mk文件中设置LOCAL_PRIVILEGED_MODULE := true
.此标志将授予应用程序系统级别的权限,并将其在OS编译期间放置在system/priv-app/
目录中.
I would guess there is nothing in the manifest that gives an app the permission to call exported activities. I believe the way it's accomplishing this is by setting LOCAL_PRIVILEGED_MODULE := true
in the Android.mk file for the Settings application. This flag will give an application system level permissions and place it in the system/priv-app/
directory during OS compile time.
如果查看方法checkComponentPermission
的frameworks/base/core/java/android/app/ActivityManager.java
,则可以看到如果UID是SYSTEM的UID,则无论导出的设置如何,都将授予组件权限.
If you look at frameworks/base/core/java/android/app/ActivityManager.java
for the method checkComponentPermission
you can see that if the UID is that of the SYSTEM, component permission is granted regardless of the exported setting.
这篇关于设置应用程序如何启动应用程序的未导出活动?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!