Android

Space shortcuts

Page tree

Versions Compared

Old Version 15

changes.mady.by.user Will Snavely

Saved on

compared with

New Version 16

changes.mady.by.user Fred Long

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Added a reference to "intent sniffing"

...

When sendBroadcast() is used, normally any other application, including a malicious application, can receive the broadcast.

This facilitates intent sniffing, see [viaForensics 2014] 26. Android: avoid intent sniffing.

Therefore, receivers of broadcast intents should be restricted. One way to restrict receivers is to use an explicit intent. An explicit intent can specify a component (using setComponent(ComponentName)) or a class (using setClass(Context, Class)) so that only the specified component or class can resolve the intent.

...

[Chin 2011]Analyzing Inter-Application Communication in Android

[JSSEC 2014]

4.2.2.5. When sending sensitive information with a broadcast, limit the receivable receiver

[viaForensics 2014]26. Android: avoid intent sniffing

 

...