(enaix.github.io)

194 points sleirsgoevy | 1 comments | 31 Oct 25 20:20 UTC | HN request time: 0s | source

Show context

codethief ◴[01 Nov 25 16:23 UTC] No.45782919[source]▶

>>45776269 (OP) #

> So an apk may just load some zip/apk/dex code from external storage and execute it in current context.

Wouldn't this break all kinds of things, like app sandboxing, the permission system, app intents, …?

replies(1): >>45785340 #

1. iggldiggl ◴[01 Nov 25 21:04 UTC] No.45785340[source]▶

>>45782919 #

… launcher shortcuts, launcher widgets, storage management, multi-process set-ups or even services (those need to be declared statically in the manifest), so yeah it would.

So interesting as a fun exercise, but not really useful for probably quite a few apps.

↑

A theoretical way to circumvent Android developer verification