diff options
| author | Dianne Hackborn <hackbod@google.com> | 2012-02-09 10:47:01 -0800 |
|---|---|---|
| committer | Dianne Hackborn <hackbod@google.com> | 2012-02-09 11:18:33 -0800 |
| commit | a0c283eac33dd2da72235751bbfa4f2d9898d5ea (patch) | |
| tree | 4a772771c79de9a0817115a49b5018397cd64add /core/res | |
| parent | f6a7e1f7cd12fbbb2e35391850aec7d7d57b8f66 (diff) | |
| download | frameworks_base-a0c283eac33dd2da72235751bbfa4f2d9898d5ea.zip frameworks_base-a0c283eac33dd2da72235751bbfa4f2d9898d5ea.tar.gz frameworks_base-a0c283eac33dd2da72235751bbfa4f2d9898d5ea.tar.bz2 | |
Add new feature for running services in "isolated" sandbox processes.
This reserves a range of uids (for each user) in which these processes
run. These uids are not associated with an application, so they
effectively run with no permissions. When a Service requests to
run in such a process through android:isolatedProcess="true", each
time it is brought up a new isolated process is started with its
own unique uid.
What we have so far gives us the basic infrastructure; more work
remains to further lock down what these uids have access to.
Change-Id: Ibfd27c75619cba61f528f46ede9113f98dc5f45b
Diffstat (limited to 'core/res')
| -rw-r--r-- | core/res/res/values/attrs_manifest.xml | 4 | ||||
| -rw-r--r-- | core/res/res/values/public.xml | 6 |
2 files changed, 10 insertions, 0 deletions
diff --git a/core/res/res/values/attrs_manifest.xml b/core/res/res/values/attrs_manifest.xml index dbd49fb..92c59ab 100644 --- a/core/res/res/values/attrs_manifest.xml +++ b/core/res/res/values/attrs_manifest.xml @@ -1235,6 +1235,10 @@ when the user remove a task rooted in an activity owned by the application. The default is false. --> <attr name="stopWithTask" format="boolean" /> + <!-- If set to true, this service will run under a special process + that is isolated from the rest of the system. The only communication + with it is through the Service API (binding and starting). --> + <attr name="isolatedProcess" format="boolean" /> </declare-styleable> <!-- The <code>receiver</code> tag declares an diff --git a/core/res/res/values/public.xml b/core/res/res/values/public.xml index e3c2bd8..1b91643 100644 --- a/core/res/res/values/public.xml +++ b/core/res/res/values/public.xml @@ -3482,4 +3482,10 @@ <public type="color" name="holo_orange_dark" id="0x01060019" /> <public type="color" name="holo_purple" id="0x0106001a" /> <public type="color" name="holo_blue_bright" id="0x0106001b" /> + +<!-- =============================================================== + Resources added in version 16 of the platform (Jelly Bean) + =============================================================== --> + <public type="attr" name="isolatedProcess" id="0x010103a7" /> + </resources> |