Look at how data is stored inside the sandbox in a private file.
- It's good practice to use what's known as internal file storage for your Android app if it contains any sensitive information. This stores the file in the app sandbox, and it's set to private mode so that it can't be accessed by other apps. Let's see how we do this. I've added some new code to our Hello World app to declare a file called activation.dat in the app's file directory, and to append the text line to it which contains my activation code. I can click on the green play button to build and run the program, and then check the result.
I've got my mobile phone connected via USB, and I'll run the app on that. I can open my app with JaDX, and as expected, we can see the main activity Java file and the activation code. Let's see if we can access the file on the device and read its contents. We can use the ADB console to get shell, and check the app's sandbox. We're at the command line in my phone. Application sandboxes is stored as folders in the directory data/data.
When we try to access the standard application sandboxes, we get permission denied. Android is protecting the sandbox contents. Applications can also write files to the SD card. Let's check it out. So we can see that the data file hasn't been written to the SD card. It's been written inside the main file area for the sandbox, and it's protected. Before we go, let's go into the resources folder and open layouts.
When we can see the screen display, let's click on the Hello World text, and change the text to activation complete. Okay, that's more in keeping with our theme.
- Understanding Android OS, app, and hardware security components
- Using the Trusted Execution Environment
- Developing Android apps with security in mind
- Analyzing existing applications
- Understanding Android vulnerabilities
- Securing Android apps
- Developing secure enterprise apps