Adding security to sticky broadcast

Question

As per android developers documentation:

http://developer.android.com/reference/android/content/Context.html#sendStickyBroadcast(android.content.Intent)

There is no provision to provide a user defined permission to secure a sticky broadcast.

I have tried using sendStickyBroadcastAsUser which requires an application to have two things (as per the above link) : 1. Have the permission "INTERACT_ACROSS_USERS" and 2. the application must be a system app.

However I have tried implementing it with the guidelines but still could receive the sticky broadcast without the above two mentioned pre conditions (i.e with a normal application without the required permission) which still keeps my broadcast insecure.

Following is my code snippet:

    // send sticky broadcast.
    Intent intent = new Intent("my_action");
    intent.putExtra("my_extra", state);
    if (DebugMode.DEBUG) {
        Log.d(TAG, "Sending Broadcast " + intent.toUri(0));
    }

    Parcel in = Parcel.obtain();
    context.sendStickyBroadcastAsUser(intent, new UserHandle(in ));
    in.recycle();

I cannot use a normal broadcast since it needs to stay in system for other apps to read my application's status from it.

Is there a way to secure my sticky broadcast?

Answer 1

There is no public API for sending a sticky broadcast and requiring receivers to hold a specific permission. The API assumes that if you are sending something as sticky you want it to stay around and be available for anything which comes along later. The sendStickyBroadcastAsUser() method does not impose any restrictions on the receivers of the broadcast. The "system app" and permission required apply only to the sender of the sticky broadcast. This method is for sending broadcasts to applications which are being run by other physical users (i.e. multi human user device) as opposed to separate app packages running as different Linux user IDs.

You might consider having your client apps send a broadcast of a specific type to query the status of your app rather than rely on a sticky broadcast such as this. If your app is up and running, it could then reply with a broadcast (normal) of its own with up to date status information and require custom receiver permissions since it would not be a sticky broadcast.