I have a BroadcastReceiver registered in the manifest that receives broadcasts sent from one of my services with a custom action. I have it already working, but for security reasons I want to prevent other apps from sending fake broadcasts to my receiver. How can I do that?
Manifest
<receiver android:name=".MyReceiver">
    <intent-filter>
        <action android:name="MyAction"/>
    </intent-filter>
</receiver>
Every receiver with the exported tag set to false will only receive broadcasts sent from its own application process.
So it will be:
<receiver android:name=".MyReceiver"
    android:exported="false">
    <intent-filter>
        <action android:name="MyAction"/>
    </intent-filter>
</receiver>
As another solution, I found that I can use permissions.
More on here
Related
I want to declare a broadcast receiver which can listen to system broadcasts like PACKAGE_ADDED, PACKAGE_REPLACED, for e.g.
<receiver
    android:name="com.sample.cli.xyz.XyzReceiver"
    android:exported="true"
    android:enabled="false">
    <intent-filter>
        <action android:name="android.intent.action.PACKAGE_ADDED"/>
        <action android:name="android.intent.action.PACKAGE_REPLACED"/>
        <action android:name="android.intent.action.PACKAGE_REMOVED"/>
    </intent-filter>
</receiver>
If I keep exported="true" here, any app can send the broadcast and it can be a security issue. As per Android documentation if we have even 1 intent-filter in receiver tag then, default value of exported is considered "true".
My question is if I explicitly declare this attribute as "false" (android:exported="false"), along with intent-filters, will it make it more secure and make it accessible only by system and not other apps?
Tried the combination (exported="false" along with intent-filter declared in receiver) asked in question, in a sample app and found that receiver can still listen to system events like PACKAGE_ADDED, PACKAGE_REMOVED etc.
I have an install referrer receiver in my manifest.
<receiver
    android:name="xx.yy.zz.InstallReferrerReceiver"
    android:exported="true">
    <intent-filter>
        <action android:name="com.android.vending.INSTALL_REFERRER" />
    </intent-filter>
</receiver>
And I get the referrer in the broadcast receiver as:
String referrer = intent.getStringExtra("referrer");
My doubt is would the receiver also listen to broadcasts of other apps which are installed with a referrer.
I want to listen to broadcasts for my app only.
If this problem exists, what would be the solution for it?
<receiver
    android:name="xx.yy.zz.InstallReferrerReceiver"
    android:exported="true">
    <intent-filter>
        <action android:name="com.android.vending.INSTALL_REFERRER" />
        <data android:scheme="package" />
    </intent-filter>
</receiver>
Add your package in the receiver, and while receiving the broadcast, check for your package in the onReceive method.
This will solve your problem.
I recently did a code scan on my Android source code using the HPFortify service. They reported a security vulnerability regarding the Google Analytics receiver. They suggested using the broadcaster permission to reduce the attack vector. This way you are restricting the broadcaster; otherwise any malicious application can send the intent and the broadcast receiver will process it.
Here is my AndroidManifest file.
<receiver
    android:name="com.google.android.gms.analytics.AnalyticsReceiver"
    android:enabled="true">
    <intent-filter>
        <action android:name="com.google.android.gms.analytics.ANALYTICS_DISPATCH"/>
    </intent-filter>
</receiver>
<service
    android:name="com.google.android.gms.analytics.AnalyticsService"
    android:enabled="true"
    android:exported="false"/>
I am trying to figure out the broadcaster permission for AnalyticsReceiver. According to HpFortify, the broadcast receiver should look similar to this:
<receiver
    android:name="com.google.android.gms.analytics.AnalyticsReceiver"
    android:permission="SOME-GOOGLE-ANALYTICS-PERMISSION"
    android:enabled="true">
    <intent-filter>
        <action android:name="com.google.android.gms.analytics.ANALYTICS_DISPATCH"/>
    </intent-filter>
</receiver>
Edit 1:
I am also looking for the source code to figure out the right permission. But I couldn't find the Google Analytics source code.
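A small manifest audit for the receiver settings raised in the questions above (implicit export through an intent-filter, android:exported="false", android:permission), as an added example that is not part of any post on this page. The sample manifest, the receiver names and the SEND_INTERNAL permission are constructed; the implicit-export default it applies is the legacy rule for apps targeting below Android 12.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"

# Constructed sample manifest (not from the page's apps); all names are hypothetical.
SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android">
  <permission android:name="com.example.app.permission.SEND_INTERNAL"
      android:protectionLevel="signature"/>
  <application>
    <receiver android:name=".ImplicitReceiver">
      <intent-filter><action android:name="MyAction"/></intent-filter>
    </receiver>
    <receiver android:name=".PrivateReceiver" android:exported="false">
      <intent-filter><action android:name="MyAction"/></intent-filter>
    </receiver>
    <receiver android:name=".GuardedReceiver" android:exported="true"
        android:permission="com.example.app.permission.SEND_INTERNAL">
      <intent-filter><action android:name="MyAction"/></intent-filter>
    </receiver>
  </application>
</manifest>"""


def audit_receivers(manifest_xml):
    """Return {receiver name: finding} for every <receiver> in the manifest."""
    root = ET.fromstring(manifest_xml)
    # protectionLevel of each permission this manifest declares itself
    levels = {p.get(ANDROID + "name"): p.get(ANDROID + "protectionLevel", "normal")
              for p in root.iter("permission")}
    findings = {}
    for r in root.iter("receiver"):
        exported = r.get(ANDROID + "exported")
        if exported is None:  # legacy default: an intent-filter implies exported
            exported = "true" if r.find("intent-filter") is not None else "false"
        perm = r.get(ANDROID + "permission")
        if exported == "false":
            finding = "ok: not exported"
        elif perm is None:
            finding = "open: any app can send to it"
        elif "signature" in levels.get(perm, ""):
            finding = "ok: sender needs signature permission"
        else:  # permission declared elsewhere or weaker than signature
            finding = "review: protection depends on " + perm
        findings[r.get(ANDROID + "name")] = finding
    return findings


if __name__ == "__main__":
    print(audit_receivers(SAMPLE))
```

A receiver guarded by a permission that the manifest does not declare itself, such as a platform or library permission, is reported as "review" because its protection level cannot be read from this file.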
The Pebble Docs clearly describe how to start a watchapp on the Pebble from an Android app, but I cannot find instructions on how to start an Android app from a watchapp. Is that possible, and how?
It's possible by registering a broadcast receiver for the Pebble events. Here's the code:
<receiver android:exported="true" android:name=".MyBroadcastReceiver">
    <intent-filter>
        <action android:name="com.getpebble.action.app.RECEIVE"/>
        <action android:name="com.getpebble.action.app.RECEIVE_ACK"/>
        <action android:name="com.getpebble.action.app.RECEIVE_NACK"/>
    </intent-filter>
</receiver>
I am implementing SMS receive functionality in Android KitKat 4.4+. I am able to set my application as the default successfully, but when an SMS is received the broadcast receiver is called twice. I am unable to find the cause of this problem.
Here is how I have declared my broadcast receiver in the manifest:
<receiver
    android:name="com.package.SmsRecieverKitkat"
    android:enabled="true"
    android:exported="true"
    android:permission="android.permission.BROADCAST_SMS">
    <intent-filter>
        <action android:name="android.provider.Telephony.SMS_RECEIVED" />
        <action android:name="android.provider.Telephony.SMS_DELIVER" />
    </intent-filter>
</receiver>
when an SMS is received, the broadcast receiver is called twice
That is because you are asking for both SMS_RECEIVED and SMS_DELIVER broadcasts. If you only want one of those, only listen for that one.