Explore
For Enterprise
Join for Free
Log In

Explorar
Buscar
For Enterprise
Inicia Sesión
Únete de forma gratuita

App Account Mapping to Linux Users

Loading...

Engineering Maintainable Android Apps

Universidad Vanderbilt

4.5 (154 calificaciones) | 11K estudiantes inscritos

Curso 4 de 5 en Android App Development Programa Especializado

Engineering Maintainable Android Apps, which is a 4 week MOOC that shows by example various methods for engineering maintainable Android apps, including test-driven development methods and how to develop/run unit tests using JUnit and Robotium (or equivalent automated testing frameworks for Android), as well as how to successfully apply common Java/Android software patterns to improve the extensibility and clarity of Android apps. Students will work on the appropriate automated unit quizzes, based on the material covered in the lecture videos. These lessons will demonstrate the benefits of good software engineering practices that are targeted at creating maintainable code for mobile apps. There will be roughly 3-4 hours of student engagement time per week, including video lectures, and quizzes. The ordering of the modules within the course is designed to be flexible. In particular, students can watch the videos in whatever order suits their experience and needs, e.g., they may want to watch the unit testing videos prior to the software pattern videos if they prefer to learn about unit testing first.

Destrezas que aprenderás

Software Testing, Unit Testing, Android Software Development, Junit

Revisiones

4.5 (154 calificaciones)

5 stars
103 ratings
4 stars
37 ratings
3 stars
6 ratings
2 stars
5 ratings
1 star
3 ratings

GN

Aug 03, 2017

An Excellent course. I will say it is an online course that made me study as if I were in a classroom

ME

Sep 20, 2017

gave me a very good overview on security as a whole and on security specifically for android.

De la lección

Security & Sustainability II

This module provides an introduction to Unit Testing using the Junit 4.0 Framework in Android, as well as an introduction to Testing Frameworks using the Robotium open-source test framework for writing graybox testing cases to automate the testing of multi-Activity Android apps.

Traditional App Accounts3:15

Traditional vs. Mobile App Accounts5:28

App Account Mapping to Linux Users4:45

Apps Lie & Steal4:23

How Android Protects Apps13:52

What Android Does Not Protect14:20

The Challenges of Secure Coding2:48

Security Vulnerability Walkthrough7:30

The iRemember App Example3:38

Privilege Escalation I5:40

Privilege Escalation II4:07

Privilege Escalation III6:22

Course Wrap-up13:59

Impartido por:

Dr. Douglas C. Schmidt
Professor of Computer Science and Associate Chair of the Computer Science and Engineering Program
Michael Walker
Instructor - Graduate Student pursuing PhD in Computer Science
Dr. Jules White
Associate Professor of Computer Science

Transcripción

When your app gets installed, that's when the system creates the identity, or the account, that's going to be associated with your app. So, let's dive a little deeper into what that actually means on app or Android when you install an app, and what happens under the hood to create that user account. Well, when you create an Android app, one of things you have to specify is an Android manifest.xml file. And this is a file that all of you should be very well familiar with if you've been building Android apps. And what this does is it tells Android things that it needs to know about your app in order to install it on the system, in order to understand what each different components are. And very importantly from a security perspective, it tells it which capabilities of the hardware platform on the Android device or the capabilities provided by other apps, like the Contacts app, that you want to have access to in your app. So you declare a series of uses permissions. And these are things that your app wants to have access to on the underlying platform. And each of these user permissions corresponds to some type of underlying capability of the device. Something like access to the Internet maybe, or access to the camera. And your app declares all of these things up front so that when the user installs your app on their device, Android can go and scan all of these user permissions, figure out what they map to in terms of capabilities in your device, and then present a menu to the user saying do you want to allow this app to have access to x, y and z things. So the user gets to decide is this okay? And if they say that it's okay, what Android does is it takes all these user permissions and it goes and creates an account on the underlying Linux operating system that's part of Android for your app. So, Android is a modified version of Linux that runs on mobile devices. And when you create, install an app, and then create a user account for it, what's actually happening is that the underlying Linux operating system is creating a user for that app. So, this and this, basically create the Linux user for your app. This is what's going to define the capabilities of this linux user. It's the things that you ask for in your manifest file. Underneath the hood, each of the things you ask for like Internet or camera, each of those has a separate Linux group that's associated with it. For example, you may have the camera group. And this is a user group that is set up to define the set of users that have access to the camera. And this is already on the device when you install the app. And so, what Android does is it creates your Linux user and then based on each of the uses permissions it figures out which of the different user groups your account should be associated with. So it associates this app for a photo editor, let's say, with its own Linux user. And then it associates that Linux user with the underlying camera group. And so now, when your app is running, if your app goes and tries to access the camera, Android and it's underlying Linux kernel can look at the user account associated with your app, and then can check if it's part of this Linux user group that should have access to the camera. So underneath the hood, all of these permissions that we see in our apps and that are manifested as uses permissions in the Android manifest XML files, actually get mapped down to Linux user groups.

Explora nuestro catálogo

Inscríbete de manera gratuita y obtén recomendaciones personalizadas, actualizaciones y ofertas.

Coursera brinda acceso universal a la mejor educación del mundo, al asociarse con las mejores universidades y organizaciones, para ofrecer cursos en línea.

© 2019 Coursera Inc. Todos los derechos reservados.

Consíguelo en Google Play

Coursera
Acerca de
Liderazgo
Empleo
Catálogo
Certificados
Certificados MasterTrack™
Grados
For Enterprise
For Government
Para el campus

Comunidad
Learners
Partners
Developers
Beta Testers
Translators

Conectar
Blog
Facebook
LinkedIn
Twitter
Instagram
Youtube
Blog de Tecnología

Más
Términos
Privacidad
Ayuda
Accesibilidad
Prensa
Contacto
Directorio
Afiliados