Use a 16 byte random suffix for installed apk directory name
This prevents apps (both normal and ephemeral) from learning what
applications are installed by checking for the existence of
/data/app/com.example.package-1. /data/app and /data/ephemeral-app are
already 771 and so cannot be ls'd but because the directory names are
guessable it is still possible to learn if known packages are installed.
Apps can still learn if a package is installed and where via the
standard APIs but not by directly using the filesystem. This is
important for ephemeral apps since normal apps should not be aware of
installed ephemeral apps (unless needed) and ephemeral apps shouldn't be
aware of other ephemeral apps.
Test: adb install --ephemeral, verify the code directory has random
suffix
Test: runtest -c android.content.pm.PackageManagerTests frameworks-core
Test: cts-tradefed run commandAndExit cts -m CtsAppSecurityTestCases
Change-Id: Id4883f5cfb9664307cf8518e2db3fef0e2d632d0
1 file changed