Book Image

Testing and securing android studio applications

Book Image

Testing and securing android studio applications

Overview of this book

Table of Contents (18 chapters)
Testing and Securing Android Studio Applications
Credits
About the Authors
About the Reviewers
www.PacktPub.com
Preface
Index

Permissions


With application sandboxing, apps cannot access parts of the system without permission, but even with it, Android allows data sharing with other apps or access to some system services. An app needs to request permission to access device data or to access system services. Permissions are a security feature of Android system, but misused permissions make your application vulnerable.

The permission needs of an app are declared in its manifest file. This manifest file is bundled into the app's Android application package (APK), which includes its compiled code along with other resources. The permissions requested in the manifest file (manifest permissions) will be shown to the user when installing the app. The user should review these permissions and accept them to complete the installation process. If the user agrees to them, the protected resources are available to the app.

Note

Do not request permissions that your app does not need. Reducing the number of permissions makes your app...