The document discusses security in Android applications. It begins by introducing the speaker and their background in security and Android development. It then outlines the agenda which includes discussing the Android security model, realities that differ from the model, common vulnerabilities, and additional strategies with one concluding sentence. The appendix provides additional resources on various security topics.
9. Application Isolation
- isolate CPU, RAM, devices, files in
private directory
- every app run in own process
- every app has own UserID and
GroupID
10. Application Isolation
- isolate CPU, RAM, devices, files in
private directory
- every app run in own process
- every app has own UserID and
GroupID
- every app run in own instance of
Dalvik VM
16. - Is the parent of all App processes
Zygote
App 1
App 2
App 3
Zygote
fork()
fork()
fork()
start new
App
17. - Is the parent of all App processes
Zygote
App 1
App 2
App 3
Zygote
fork()
fork()
fork()
start new
App
- COW(Copy On Write) strategy
18. - Is the parent of all App processes
Zygote
App 1
App 2
App 3
Zygote
fork()
fork()
fork()
start new
App
- COW(Copy On Write) strategy
- /dev/socket/zygote
19. - Before M
- After M
- Custom permissions
- Protection level
Permissions