Well hello, im working on a app that take a picture and then save it into the external storage, the problem that i get is when i use a external app, to clean up the cell phone memory, this kind of apps get into the folder where the pictures located, then deleted everything on it, i realy don't have any idea to protect them.
sorry for the problems with my English is not my native tongue
I think the problem is not yours. The problem is your cleaner's. Modify the cleaner's settings. Android cleaner like Clean Master is just weird. I don't know what kind of cleaning they do! Once they deleted my 150+ apps from my SD Card. So, if you are tensed about protecting your files from being deleted then it is worthless. You can't. Ok, think, a user is not using any cleaner to keep his/her phone tidy. But what will you do or how you will protect your files when the user is going to delete those files himself/herself?
The one thing you can do is - by achieving SuperUser permission from a user, you can just modify the SD Card's W/O or R/O system. But it has also some disadvantages. If you do something lile this, then you app may be introduced as a malicious program by your user. So, afterall, the answer is it isn't possible...
You should use:
getFilesDir()
This folder is located inside Android/data/data/your_package/ so no app except yours has access to it (unless it has root permission).
Related
Is there any way to detect whether a folder was created by an Android app, and not by the user?
No. There's no such information stored in file system (nor in android nor in Linux in general). And even if it would, from filesystem perspective user never creates anything. It is always the app (and it's not important if app does it by itself or directed by user). App just tells the OS "create that folder for me", w/o giving any more detailed information why it wants that to be done and who is the real culprit.
EDIT: I just realised there's a case which maybe was on OP's mind - SD card. Content there can be created "by user" (which means when it got card mounted and accessed i.e. from desktop) and not by android application. But finding that out could be tricky. Some below suggest FileObserver. I am not sure. I'd maybe try to monitor mount/unmount broadcasts, then perhaps scan the sd card to see if there's anything added after unmount. But it is rather ineffective too, as if it is real sd card and user put it in machine with wrong clock, then my scan won't find much there. Other attempt is to know what is there (so build a "map" of sdcard once you see it for the first time and then compare with subsequent mounts). Still, the question remains - why you need that for? Maybe there's simplier approach to your problem
Can users with a rooted device view files in the assets folder of my app?
I ask because I intend to place files there that can be accessed from the application, however they should not be viewable in any other way.
I am developing on Froyo 2.2
Yep, sure can. Assets is just another directory on the filesystem of the device. Permissions are enforced on those based on the underlying Linux permissions model, so anyone with access to root on the device can access anything on it.
There is an in-depth discussion of how the assets of applications are isolated/protected, as well as a discuss about how root can access them and how you can protect against this, in Application Security for the Android Platform (disclaimer: I'm the author of this book). Basically, if you're concerned about root having access to files within your application, you're going to want to encrypt them so even if root can get to them, they will not be readable. This approach has a lot of its own implementation problems, all centered on how you manage the keys used to encrypt/decrypt the files. While there are things you can do to make it much more difficult for someone with root to get as your application's files, you cannot make this impossible as root users have full control over the device and everything on it.
Its not possible to prevent anyone getting to your assets.
I am messing around with node.js on Android through this project, and I need a way to deploy js files to a private directory (to hide the source code, and prevent users from tampering) which also physically exists on the filesystem (an apparent requirement for node.js).
Is it correct to place my javascript files in /data/data/com.skabbes.android/node_modules? And if not, what would be the correct way to accomplish my goal?
Well, if you are wanting to store something on the internal storage, it is not recommended to use an absolute path like /data/data/..../ because while that may be the correct path, it can potentially change with different devices or different Android versions because /data/data/ the internal file structure is not specified in official Android documentation.
I also want to point out that even if you are storing information in the /data/ directory it is still possible that someone could access it if they have a rooted phone.
But, what you should do is see This. That will save information on the internal storage of the device and neither the user nor other apps can access the files you save with that method unless the device is rooted.
You should use the getFilesDir() method of Context which basically abstracts the absolute path.
It will most probably be something like /data/data/<package-name>/files but it's a better way to make sure your app is compatible with all versions of Android and all devices.
i'm writing an application that needs to store some data,and picture. For example place's information. this information don't need to change very often. and
I have seen that databases are
stored under /data/data/package_name/databases
I decided to store my data under /data/data/package_name/files.
With the emulator i can see all these files (databases)
under the proposed directories but moving the application on a real
device and installing a file system browser i cannot see any file
under /data. i know that there are some security constrain in (not-rooted) device. However, are there any suggestion about the solution.. where can i store these data and how? because i'm quite new to android. Thanks so much for your help.
The reason you can't see it on the device is basically just as you said; the device isn't rooted, so other apps don't have access to the /data folder.
This is okay though, because you can still store your files there. Your app has access to anything under /data/data/package_name/, you just won't be able to see it in a file browser unless you root. This is normally a good thing, to keep average users from mucking around with your databases/files.
Read up more on storage methods here.
My app has several image and media files, which are around 1MB each or so. So if i follow the normal way, the app size is crossing over 40MB, which is huge. Is there anyway to avoid this?
I have heard of external storage, but i really don't get any clue of how to work on them!
Do i need to ask all those who instal this to save the images and media files in the external disk and then the app uses those? This makes my files public..isn't it?
I actually don't own a android device. So is it like, whenever people install an app from the market, does it ask if it has to install in the phone memory or the external memory?
I really need your help.
If there is a way, i'd be thankful if you can provide me the step by step details of how this can be done!
Thanks a lot..
Regards
Nithin
There is, from the little I know of this, a slight security risk from putting files onto the SD card. I don't think I personally would worry too much about that since most people that would want access to the files in your apk (Which does not include your source code) could get it regardless without too much trouble.
As of Android 2.2 the user has the option to move an app to their SD card, but only if the developer explicitly tells the app to allow it. I'm fairly sure this only applies to 2.2+ devices though, so being that you are likely going for a larger audience than that it isn't an end-all solution. I am only really pointing this out in case you do end up putting one large file on the market. If so, be sure to allow the transfer to SD card, your app will stay on devices much longer.
Downloading the files online from within the app and saving them out to the SD card would be a good solution, though I am not sure how end users feel about downloading a small app then having to download a very large package before using it. In the end they will have to download it either way, so it is up to you whether you want to ask them to do it up front in the market or afterwards via the app. If you do want to try to download all the content then maybe the code example in this link will help you figure it out :
http://androidsnips.blogspot.com/2010/08/download-from-internet-and-save-to-sd.html
You might consider streaming the files or downloading them inside the application to the sdcard. Speaking from experience my users have had problems downloading apps as big as 30MB. Some phones also have a severely limited internal memory, which is where the applications are downloaded to.