Android manifest package name
Question
The package name we declare in AndroidManifest.xml is the unique ID of an application. To avoid naming conflict, we normally use domain name in this package name, like "com.google. * ". If this is the case, there's no way to avoid other people using my domain name in their package name maliciously. Say if I am using "com.google.myapp", that's a totally valid package name even though I am not building apps for Google. Let's say my app has package name "com.mycompany.myapp", there's no way I can prevent other people using the same package name in there app.
Is this a problem that I should worry about? It seems this is the nature of Android, which can't be prevented.
1 answers
solution1
4 2011-06-21 21:02:14
No, there is no way to prevent someone else from using an identical package name.
However the package name is combined with the certificate used to sign the package: if someone tries to install a maliciously named package on top of an existing package they will need to use the exact same cert. If they don't use the exact same cert then the OS will reject the install and the malicious package will not have access to the original package's data. In practice this deals with the security issues.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.