I'm thinking of ways to secure an AIDL call in Android without using any support libraries, just the Android SDK. One way I thought of was to enforce that the binder being used has a whitelisted process name, e.g. com.xyz.app. This is possible with How to get application package name or UID which is trying to bind my service from onBind function?
However, is it still possible for a malicious app to just specify in their manifest that their process name is the same as a whitelisted process name?
Yes,two applications can use the same process name. Two advices for you: 1.After checking the process name,you still need to check the signature of the app. Other apps can use the same name with you , but they can't use the same signature.
//the code showing how to get siginature
PackageInfo info = getPackageInfoByName(context, pkgName);
byte[] sign = info.signatures[0].toByteArray();
//Add code here check whether the sign with your app
public static PackageInfo getPackageInfoByName(Context context, String packageName) {
try {
return context.getPackageManager().getPackageInfo(packageName,PackageManager.GET_SIGNATURES);
} catch (PackageManager.NameNotFoundException e) {
Log.e(TAG, "Failed getPackageInfo", e);
}
return null;
}
2.You can add an signature level permission for your service which work as the server of binder.
//1.create a signature level permission in your AndroidManifest.xml
<permission
android:name="com.xyz.aa.permission.bindservice"
android:protectionLevel="signature">
</permission>
//2.Add the permission to your service
<service android:name=".MyService"
android:permission="com.xyz.aa.permission.bindservice">
</service>
The app who want to bind the service should use this permission,only apps using same signature with you can use this permission.
