Reputation: 3273
Protect files from being accessed outside the app itself
I am developing an android application, where I download pdf files.
So I create a file called NameProject where I put all downloaded pdfs. I can access this file via my application and also via other application like File Manager.
The android file system is open so I need to protect downloaded files from being accessed outside the app itself.
Can I do that? If yes, any ideas will be appreciated.
Thanks
Upvotes: 3
Views: 1867
Answers (2)
Reputation: 569
Download file to the application internal storage directory (/data/data/packagename) which should be not accessible without root permition. But keep there only necessary files as much phones have small internal memmory.
File appdir = context.getDir("mydir", Context.MODE_PRIVATE);
File fileWithinAppDir = new File(appdir, "appfile");
Upvotes: 1
Reputation: 2511
Not an android expert here. Hence I don't know how the files are protected between the different applications. But in any case, if the device is rooted, even that one will not matter.
Although it is not something I condone or practice, your only glimmer of hope is, security by obscurity. What I mean is, when you put these files onto the application filesystem space, use an encryption schema and encrypt the file. Make sure you have a decrypt algorithm for it, in your application. Here, I am assuming these will be read only files, since you mentioned PDF. If not, i.e., if the end user will be able to edit and save them, you will need the encrypt functionality in your app as well.
I think you got the gist of where I am going at, with this.
- End user starts app and selects a file to display
- application decrypts that file into a temporary name
- a. (optionally) user edits and saves the file
- b. (optionally) application encrypts the file and saves it as the original name
- application deletes the temporary, unencrypted file
Depending on how important this, not being able to be accessed outside the application, concept to you, you might want to wrap this logic into another set of conditionals and measures against them.
But after all, a determined mind can and will eventually find a way to crack them. Especially if you are releasing the app to the wild, i.e. the internet. In a controlled corporate environment deployments, you have a better chance of keeping them under wraps for longer periods of time, with corporate policies etc. But, in the ultimate end, this is a futile effort. It will just buy you some time. How much time, is the only question.
Hope this helps
Upvotes: 1
Related Questions
- How to protect my app files being read/ write by other apps, in non-root device?
- Protecting files on android
- Protect App files from accessing
- Security of files in android
- how to hide android app downloaded files outside the app users
- Only my application should have permission to access the files generated by app
- Save file in android, so the user can't read
- file security android: how can I make a file to be read by my android application only
- Restrict folder access to android apps