We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

Striptease of the Android permission system

Formal Metadata

Title
Striptease of the Android permission system
Title of Series
Number of Parts
46
Author
License
CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
In the current context where customers are more sensible about protecting their privacy, our duty as developers is to consider security in our developments. Google did understand this global problematic and provides in Android OS different kinds of security systems : selinux, permissions system, etc. Throughout this talk, we are going to present how the Android permission system is implemented, all the way from the kernel to the application layer. How Android low layers use the concepts of the Linux kernel users and groups in order to provide its own permission system? What is the communication flow in the framework when an access to a specific device is asked by an Android application? Next, we will demonstrate an use case of an Android application which leads to a huge security hole, then fix it.