Is it safe to access SharedPreferences file in production?

Question

As stated here, I can access certain file of SharedPreferences through path

/data/data/YOUR_PACKAGE_NAME/shared_prefs/YOUR_PREFS_NAME.xml

I'm going to use it for export of SharedPreferences by reading several Preferences files into string array, saving them to json and writing result to one particular file.

But is it safe in production and at all possible if the device is not rooted, the developer options are off, or anything? And which additional permissions do I need besides READ_EXTERNAL_STORAGE? Thank you!

score 1 · Accepted Answer · answered Aug 07 '17 at 18:54

I can access certain file of SharedPreferences through path

That path will not work on all devices or for all users. NEVER HARDCODE PATHS.

I'm going to use it for export of SharedPreferences by reading several Preferences files into string array, saving them to json and writing result to one particular file.

You do not need the path to the XML file for that. You can use the SharedPreferences object to get the data for the preferences and save it to JSON or whatever.

But is it safe in production

It is not safe in general.

And which additional permissions do I need besides READ_EXTERNAL_STORAGE?

You do not need READ_EXTERNAL_STORAGE to read SharedPreferences.

Is it safe to access SharedPreferences file in production?

1 Answers1