Open ghost opened 9 months ago
“[...] this service [...] has no permissions of its own.”
This flag is intended to restrict your app's service to access other parts of your app or the android system itself. It can be used by your app to safely (more or less) run untrusted code.
It does not, however, protect your service or even the entire app from malicious access by an attacker.
@rakearyo Could you update the link to Android Dev Docs?
“If set to
true
this service runs under a special process that is isolated from the rest of the system and has no permissions of its own. The only communication with it is through the Service API, with binding and starting”.— “https://developer.android.com/guide/topics/manifest/service-element”
This feature is good because it makes more difficult for an attacker whom found an exploit to compromise user’s data.
Example:
< service android:name="com.kunzisoft.keepass.services.DatabaseTaskNotificationService" android:enabled="true" android:exported="false" android:isolatedProcess=“true” />