1

I have made an application say "TestApp" which contains a content provider. Content provider shares the database access to all other application. Is there a mechanism in android which allows only few other application having a particular type of permission to access content provider of "TestApp"?

I don't want applications which do not have that specific permission to access the content provider of "TestApp".

Being a newbie i don't know the standard that a question asked should have.

Please help.

Chintan Rathod
  • 25,864
  • 13
  • 83
  • 93
user2159624
  • 193
  • 1
  • 1
  • 6
  • just think what will the other apps do with your app data if they don't belong to the apps those could actually use that data. – Prateek Mar 12 '13 at 06:27
  • My question is that I don't want my content provider to be public. I want that only a few applications(with special permission) may use it and the other are restricted. – user2159624 Mar 12 '13 at 06:32
  • Generally you should add what you've used. [Here, read this](http://stackoverflow.com/questions/how-to-ask). – BDM Mar 12 '13 at 06:43
  • @ProfPickle : I will keep it in mind. Thank you. – user2159624 Mar 12 '13 at 10:35

2 Answers2

0

You could look at providing a custom permission in your application.

Custom permission question in stackoverflow

Developer.android.com

Please be aware that this could pose a security issue to your application.

Community
  • 1
  • 1
Premsuraj
  • 2,506
  • 1
  • 17
  • 16
0

The usual way to do this is to set android:protectionLevel="signature" on your permission. This will restrict access to only applications signed with the same certificate as the application which declares the permission. These applications may declare a <uses-permission> tag to gain access.

See also the general security tips article.

That said, be careful what you protect with this. It will prevent random applications the user installs from getting access to your data, but not if the user truly wishes to bypass these protections. If the user wants to give an application the ability to circumvent this, then the user can do so. This protects only against other applications gaining access when the usual security measures are in force.

Jeremy Roman
  • 16,137
  • 1
  • 43
  • 44