Menu
Is is possible to make content provider read-only? I know that this question was asked few times but according to all of them (eg. this) I have to write my own custom write permission.
<permission android:name="com.test.WRITE_DATABASE" android:protectionLevel="normal" />
<permission android:name="com.test.READ_DATABASE" android:protectionLevel="normal" />
//...
<provider
android:authorities="xxx"
android:name="xxx"
android:exported="true"
android:readPermission="com.test.READ_DATABASE"
android:writePermission="com.test.WRITE_DATABASE" />
But hacker could decompile my app and look inside manifest file and then he can easily write his own app with:
<uses-permission android:name="com.test.WRITE_DATABASE" />
So it's almost useless... I have several apps to use one Content Provider inside my main application. Only this application should have write permission - other should only read from this database. Any ideas how to solve this?
513
See documentation about permissions here: https://developer.android.com/guide/topics/manifest/permission-element.html
Answer to your question is a android:protectionLevel property of a permission. You can set it to signature so only applications that signed with same key will be able to request this permissions.
60
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
