| commit | b1f29d5ada5e01d43b4780283d3569e4ae6f4e11 | [log] [tgz] |
|---|---|---|
| author | Hans-Christoph Steiner <hans@guardianproject.info> | Wed Aug 10 12:09:08 2016 +0000 |
| committer | Hans-Christoph Steiner <hans@guardianproject.info> | Wed Aug 10 12:09:08 2016 +0000 |
| tree | 33dcb37623440d4bf5cf1fec6b87a9d7f6702dd2 | |
| parent | e4de1f1e1b8e26010b417100fb3da0b4e5595cb0 [diff] | |
| parent | 1bb476ccc4720b10ac09eb4063666713955171df [diff] |
Merge branch 'whitelist' into 'master' Replace signature permission with whitelist Instead of using a signature permission to protect the service, we now use a whitelist approach to ease the integration of the extension into custom roms. Now rom maintainer can build the extension on their own and sign it with their own key. The extension then still works with a F-Droid client signed with the F-Droid key. See merge request !1
When F-Droid is installed as a normal Android app, installing, updating, and removing apps can only be done by requesting the Android operating system to do this. F-Droid cannot execute this operations on itself. Thus, the operating system shows a screen on every install/update to get confirmation from the user that he/she really wants to install this app. This is a security feature of Android to prevent the installation of malware without user intervention.
The downside for F-Droid is that this prevents us from updating apps in the background, which is an essential feature of a modern package manager.
Here comes the F-Droid Privileged Extension into play. To have the same privileges as other pre-installed package managers, such as Google Play, i.e., installing/updating apps in the background, F-Droid needs so called "privileged permissions". To get these we provide an extension to F-Droid which must be either shipped with your Android distribution/rom or installed into the system.
More information be found in the wiki page.
./gradlew assembleRelease
You can download the extension from our repo.