Permission Mitigation • Standard Android is all or nothing • People might not install your permission rich app • Provide core app with less permissions • User can choose permissions by installing plugins (Before Android 6)
PackageManager • Every plugin implements a custom intent action • PackageManager queries for every component using that custom action • Easily get metadata of that component
Package Broadcasts • Android system sends package broadcasts • Host app checks if we are interested in that package change • Host app can update a live list of plugins
Remote Service Binding • Preferred way • Remote services found with PackageManager • Communication protocol using AIDL • Callback with Messenger for delayed responses
WebViews • Plugin provides data • Static URI using MetaData • Dynamic URI using IPC • Host has a WebView that loads the data • Easy • Not native • Security issues (javascript)
Some Extra Tips • Think about your versioning • Abstract to a library for distribution • Input validation in host • Make sure it’s secure • Don’t leak data →using signature level permissions