4

我正在编写一个 Android 应用程序,其中我需要接收系统发送的一些广播。我想确保广播确实是由系统发送的。我找到了这个 OWASP视频

在视频中的 18:00 时间,演讲者建议验证广播来源的方法之一是使用(查看他的幻灯片):

 Binder.getCallingUid () == Process.SYSTEM_UID

我试图在我的应用程序中对此进行测试,但是这个 API 为我提供了我自己的应用程序的 uid。

我从 Dianne Hackborn找到了这个解释:

 Binder.getCallingUid() returns the UID of the caller when processing 
 an incoming Binder IPC.  The value that is returned will vary depending 
 on whether you are in the context of dispatching an incoming IPC or 
 something else.

 Also, code will often call Binder.clearCallingIdentity() to clear the 
 calling information after it has verified it so that further operations
 are considered to be coming from the current uid.

此外,来自文档

 Return the Linux uid assigned to the process that sent you the current 
 transaction that is being processed. This uid can be used with 
 higher-level system services to determine its identity and check permissions. 
 If the current thread is not currently executing an incoming transaction, 
 then its own uid is returned.

鉴于这两种解释,Binder.getCallingUid在Android组件的生命周期事件中是否有任何使用的API(我在BroadcastReceiver的onReceive,Service的onStartCommand中测试过)?

如果没有,为什么 OWASP 要求我们使用它?

4

1 回答 1

0

本文档的第 5 节解释了为什么 Binder.getCallingUid() 在BroadcastReceiver. 它只返回执行自己的应用程序的 UID。但如果您正在调用远程服务,例如使用 AIDL 绑定服务时,它会返回一个有用的值。

于 2020-09-11T01:21:24.317 回答