I am writing an application to add all our apps to the homescreen of our devices. I need it to skip the apps that are services or contentproviders that just run in the background and are never "launched" by the user.
Any ideas? Right now i am specifying the apps, but would like to have it more automated.
Thanks!
See this thread for information on finding launchable Intent instances from the package manager.
Related
There are apps (such as https://play.google.com/store/apps/details?id=com.teslacoilsw.launcher) that are free, but whose paid features can be enabled by buying another app (in this case, this one https://play.google.com/store/apps/details?id=com.teslacoilsw.launcher.prime)
How does this work?
My guess is that the free apps launches an explicit Intent and can detect if the app is present via a try/catch structure. The downside of this is that this could be easily circunvented by someone who creates an app with the same package name and specifies all possible Intent filters.
Is this how it works, or is it some other way?
There are various ways to do that. One way is to query a content provider which will be protected with a special permission.
I have released quite long ago on Github a library which helps doing this: Android Unlocker Library.
That's a good option if you are dealing with devices outside the Google ecosystem, however, from a developer experience, in-app purchases offer a much better user experience (and thus drive more sales) according to me.
The easiest way is to use startActivityForResult(...) from app A against an Activity of app B, that must be configured with an IntentFilter in order to be used from an outer app. Inside the B called activity you can also check who's calling with getCallingActivity(). You can find an example here.
Before starting the Activity, you can test that B is installed (using the PackageManager) or you can just start the activity and catch the Exception.
In the called Activity, you can check the signature of the calling package using the PackageManager.checkSignature(String,String) method. Pass the package name of A and B and if the signature matches, execute the logic.
I'm looking to expand my app to handle Guest Mode, introduced in Android L. I found that if I create a service with android:singleUser in AndroidManifest, with permission INTERACT_ACROSS_USERS, and I'm a system app by installing it in /system/priv-app, then my service is running even as I switch user. But my app needs to interact with the user, by being able to launch an activity, show a toast or notification. All of those things seems to not be possible. Is there a particular flag I need to set when I call startActivity so that it will launch a new activity from my service?
I found a way to do it. Basically have a singleton Service, which is a service with the android:singleUser="true" and with INTERACT_ACROSS_USERS and have the APK installed in /system/priv-app. Then have it broadcastAsUser to all users. You'll need to use reflection to access methods in UserManager. Then have a receiver instance which will receive the broadcast in the guest user's space, and then have the receiver startActivity.
There are several internal apis (comments as #hide) like Context.startActivityAsUser, NotificationManager.notifyAsUser to support it, but it needs build from source also with platform signature.
i just want an application that would scan the installing application and decide whether to deny the installation process or not basing upon the package name ?
Fortunately, this is not possible, for obvious security reasons. Malware authors would really like it if they could block other applications from being installed.
Do you want an application which self-checks for integrity?
Or an application which check ANY other new application?
On the former, I would suggest to put some piece of code on the main activity which checks this. But if you are trying to have some sort of 'anti-hacking' feature it would be quite pointless, as it would simply be needed to remove those lines.
On the latter, that would be more complicated and, also, how would you know the 'correct' package name?
Third party security applications such as Lookout, McAfee, Avast, etc. run with the same limited permissions and capabilities as any other Android application. That said, it's not possible for any Android application to "man-in-the-middle" an application installation process for security checks or any other purpose. As mentioned by others, this would have negative security implications, as it would allow any application to modify or deny the installation of other apps.
As a third party app, the best you can do is to monitor installed packages using a broadcast receiver that listens for android.intent.action.PACKAGE_ADDED intents, or use FileObserver to trigger a security review once the app is written to the file system. At this point if you detected an application you wanted to uninstall, you would still have to ask the user for their approval to uninstall the application.
FWIW, device manufacturers have the capability to make low-level modification to provide this capability, but I assume this is out of scope for your case.
I have been trying to figure this out on the web with no information whatsoever as to what this actually does. The Google Manifest information says:
Allows an application to set the maximum number of (not needed) application processes that can be running.
I am thinking this is not a third party app permission but I need to be sure, its for our embedded device.
My guess is that this limits the number of processes that one application can have open when calling android:process=".RemoteActivity" in the manifest.
Anyone? Thank you.
It's a development/debug intended permisson. And just do what it says. Remember that when you run an app, android creates a process for all it's activities. This is, if you start opening the different activities of your application, you use the same process. However, Android let's you choose if an activity uses the main process or another new one. That's why this permission exists.
Sources:
http://developer.android.com/guide/topics/fundamentals/processes-and-threads.html
http://developer.android.com/reference/android/Manifest.permission.html#SET_PROCESS_LIMIT
I would like to require that a user type a password before being allowed to uninstall/remove my application. How can I implement this functionality?
You could do this by:
The first time your app is installed, install a separate application/package ("watcher").
The only classes "watcher" contains is a BroadcastReceiver that listens for ACTION_PACKAGE_REMOVED
Add a BroadcastReceiver to your application that also listens for ACTION_PACKAGE_REMOVED
When a intent is broadcast to one of your receivers, check if the other component is still installed. If is isn't (the user just uninstalled it), prompt for the password - if it's wrong, reinstall the other component. If it's right, uninstall yourself.
You can exec logcat and get the start activity intent information.
You will find that before the uninstall activity is displayed, there is
a text msg such as:
Starting activity: Intent { act=android.intent.action.DELETE dat=package:com.comodo.pimsecure cmp=com.android.packageinstaller/.UninstallerActivity }
then you can pop a activity ask for password now.
It is possible. you can do it with DeviceAdminReceiver api. (i don't no how)
This is a hard problem. I can think of at least one non-evil use-case for it.
e.g. Stolen Phone Recovery app - you wish to deter ne'er-do-wells from uninstalling the app.
In this case, I can think of two sensible assumptions which would stop me implementing what you're looking for:
the thief is unaware of your app, so will not try to uninstall it.
the thief is aware of your app, and switch it off until he can get it to an iron box* to re-install the OS.
* For the uninitiated: an iron box will prevent the device sending or receiving electromagnetic signals.
Of course, this answer amounts to You Ain't Going To Need It, though I suspect you have already thought this through.
Protect installing/uninstalling apps by password makes Android more secure from malware/viruses. Your Android become as secure as iPhone.
How it works:
Automatic apps installing is prompted to user. You can search the app name. If not secure, Block it.
Root access is prompted to user. Too many ads is an indicator that access is dangerous.