Updated App Security (markdown)
parent
6b71f0c55c
commit
755c6b8b4b
|
@ -6,7 +6,6 @@ This page deals with security choices related to the app in relation to the Andr
|
|||
* ``AndroidManifest.xml`` has ``android:allowBackup="false"``.
|
||||
From ``./lint --show AllowBackup``:
|
||||
> This may have security consequences for an application. adb backup allows users who have enabled USB debugging to copy application data off of the device. Once backed up, all application data can be read by the user. adb restore allows creation of application data from a source specified by the user. Following a restore, applications should not assume that the data, file permissions, and directory permissions were created by the application itself.
|
||||
|
||||
* Due to ``android:allowBackup="false"``, apps such as [Helium](https://play.google.com/store/apps/details?id=com.koushikdutta.backup) will **not** work
|
||||
* We explicitly do not implement a [Backup Agent](http://developer.android.com/guide/topics/data/backup.html), so no keys are transferred to Google's cloud.
|
||||
* All keys (private and public) are stored inside the app's sqlite database. It resides in ``/data/data/org.sufficientlysecure.keychain/databases/openkeychain.db``
|
||||
|
|
Loading…
Reference in New Issue