Restrictions on mobile servers?

J. Landman Gay jacque at hyperactivesw.com
Thu Jul 20 16:20:58 EDT 2017


On 7/20/17 1:44 PM, Richard Gaskin via use-livecode wrote:
> J. Landman Gay wrote:
> 
>  > On 7/20/17 11:59 AM, Richard Gaskin via use-livecode wrote:
>  >> On the desktop, most OSes at least provide some means of requiring
>  >> explicit admin permission to allow an app to open a TCP port for
>  >> listening.
>  >>
>  >> What restrictions are imposed by iOS and Android for similar
>  >> security?
>  >
>  > On Android, the user must agree to Internet and all other permissions
>  > stated in the manifest before download begins if the app is in the
>  > Play Store. In newer versions of Android the user has the ability to
>  > turn off any permission at any time from within the OS settings.
> 
> So that one setting applies to both client and server roles, the ability 
> to send requests to servers and also to expose the device to probing 
> from the open Internet?
> 

First off, I was wrong about how Android verifies permissions. It lists 
all permissions assigned to the app in a dialog prior to installation, 
so you can cancel or at least be aware of what you might want to turn 
off later. The source of the apk is immaterial, the permissions 
notification is part of the install process.

That said, the internet permission applies to any type of internet 
communication. If it's turned off, the app can neither send nor receive 
internet data; it's my understanding that the OS blocks the connection 
from either side.

-- 
Jacqueline Landman Gay         |     jacque at hyperactivesw.com
HyperActive Software           |     http://www.hyperactivesw.com




More information about the use-livecode mailing list