Closed Bug 707636 Opened 8 years ago Closed 7 years ago
Define safe permissions to local DB's Content
Provider to only allow sync to access it
Sign both apps with same signature? Granting custom access to Sync app? We need figure out the right/safe way to do it.
we are probably just going to import their code, and build it ourselves. more info coming and tbd.
Sync will ship with us, no permissions needed
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → INVALID
If we don't have access during development, then shipping becomes a tad bit more difficult! This should be as simple as adding protectionLevel="signature" to a permission element and marking it as exported, which allows only apps signed with the same signature to access that element, and otherwise forbids access entirely. http://developer.android.com/guide/topics/manifest/permission-element.html Alternatively, please morph this bug into "Share sharedUserId between Native Sync and Native Fennec AndroidManifest.xml files". One or the other must be done, or we can't access the provider from our builds.
Status: RESOLVED → REOPENED
Resolution: INVALID → ---
or... you could just do your dev in hg/mozilla-central.
Comment on attachment 580159 [details] [diff] [review] Use "signature" permissions on BrowserProvider Is a provider exported="true" by default? Still might add that to be explicit.
Comment on attachment 580159 [details] [diff] [review] Use "signature" permissions on BrowserProvider Review of attachment 580159 [details] [diff] [review]: ----------------------------------------------------------------- Yes, exported defaults to true. Looks like the right solution according to the docs. f+.
Attachment #580159 - Flags: feedback?(rnewman) → feedback+
Attachment #580159 - Flags: review?(blassey.bugs) → review+
Looks like this has been fixed a long time ago. Closing.
Status: REOPENED → RESOLVED
Closed: 8 years ago → 7 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.