如何跨应用程序限制内容提供者数据 [英] How to restrict content provider data across applications

问题描述

我们如何确保某些应用程序无法访问我存储在内容提供商中的数据，而某些其他应用程序可以访问这些数据?基本上，我需要允许一些我感兴趣的应用程序访问我存储在 Content Provider 中的数据，但我不希望所有应用程序都能够访问该数据.我怎样才能做到这一点?

How can we ensure that certain applications are not able to access my data stored in content provider where in certain other applications can access that? Basically I need to allow some application of my interest to access my data stored in Content Provider but I do not want all the applications to be able to access that data. How can I achieve this?

谢谢.

推荐答案

最简单的方法是使用您定义的权限保护内容提供者.将签名设为权限，以便只有使用您的证书签名的应用才能获取它.

The easiest way is to protect the content provider with a permission you define. Make it a signature a permission so only apps signed with your certificate are allowed to get it.

见:

http://developer.android.com/guide/topics/security/安全.html

http://developer.android.com/reference/android/R.styleable.html#AndroidManifestProvider

http://developer.android.com/guide/topics/manifest/provider-element.html

如果基于证书执行此操作还不够，您需要自己编写权限检查.这是通过调用 Binder.getCallingUid() 来完成对应用程序的传入调用，并确定给定的 uid 是否有权访问您的提供程序.不过，要真正实施一个真正安全的不同策略需要大量仔细的思考和设计.

If doing this based on certificates is not sufficient, you will need to write the permission checks yourself. This is done by calling Binder.getCallingUid() for incoming calls to your applications, and deciding whether the given uid has permission to access your provider. Actually implementing a different policy that is actually secure requires a lot of careful thought and design, though.

这篇关于如何跨应用程序限制内容提供者数据的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！